urlscan.io logo urlscan.io
SecurityTrails logo

www.themarysue.com Open in urlscan Pro
104.18.21.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.themarysue.com/
Effective URL: https://www.themarysue.com/
Submission: On June 07 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 140 IPs in 12 countries across 140 domains to perform 652 HTTP transactions. The main IP is 104.18.21.177, located in and belongs to CLOUDFLARENET, US. The main domain is www.themarysue.com. The Cisco Umbrella rank of the primary domain is 146667.
TLS certificate: Issued by E1 on May 2nd 2023. Valid for: 3 months.
This is the only time www.themarysue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 33 104.18.21.177 13335 (CLOUDFLAR...)
2 13.226.121.109 16509 (AMAZON-02)
1 139.180.203.10 20473 (AS-CHOOPA)
14 108.177.97.154 15169 (GOOGLE)
3 74.125.204.97 15169 (GOOGLE)
5 104.18.20.206 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
1 151.139.128.10 20446 (STACKPATH...)
1 2 104.16.123.175 13335 (CLOUDFLAR...)
4 35.244.133.240 15169 (GOOGLE)
2 4 13.226.120.66 16509 (AMAZON-02)
2 157.240.235.1 32934 (FACEBOOK)
1 1 151.101.0.134 54113 (FASTLY)
5 199.232.192.134 54113 (FASTLY)
1 13.224.167.17 16509 (AMAZON-02)
19 34.160.152.31 396982 (GOOGLE-CL...)
1 19 54.192.18.66 16509 (AMAZON-02)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
2 34.120.157.206 396982 (GOOGLE-CL...)
5 64.233.187.156 15169 (GOOGLE)
3 64.233.189.101 15169 (GOOGLE)
3 3.222.109.236 14618 (AMAZON-AES)
13 151.101.129.44 54113 (FASTLY)
1 104.21.76.254 13335 (CLOUDFLAR...)
2 13.107.213.71 8075 (MICROSOFT...)
1 54.192.18.72 16509 (AMAZON-02)
15 32 13.224.167.7 16509 (AMAZON-02)
2 34.111.152.239 396982 (GOOGLE-CL...)
2 172.64.153.246 13335 (CLOUDFLAR...)
6 74.125.203.155 15169 (GOOGLE)
1 1 104.26.9.50 13335 (CLOUDFLAR...)
1 172.67.70.134 13335 (CLOUDFLAR...)
1 104.22.53.173 13335 (CLOUDFLAR...)
1 54.192.18.24 16509 (AMAZON-02)
1 216.239.34.181 15169 (GOOGLE)
2 64.233.188.157 15169 (GOOGLE)
4 64.233.188.94 15169 (GOOGLE)
10 104.22.4.69 13335 (CLOUDFLAR...)
11 142.251.8.157 15169 (GOOGLE)
4 142.251.12.103 15169 (GOOGLE)
2 104.26.3.70 13335 (CLOUDFLAR...)
1 142.250.157.148 15169 (GOOGLE)
7 20.114.189.135 8075 (MICROSOFT...)
4 64.233.188.154 15169 (GOOGLE)
4 74.125.23.155 15169 (GOOGLE)
5 182.161.73.136 55569 (CRITEO-AS...)
5 141.226.124.48 200478 (TABOOLA-AS)
2 130.211.23.194 15169 (GOOGLE)
2 2 124.146.215.43 2514 (INFOSPHER...)
2 12 141.226.229.48 200478 (TABOOLA-AS)
2 2 3.120.85.171 16509 (AMAZON-02)
1 23.106.127.53 59253 (LEASEWEB-...)
10 14 69.173.158.64 26667 (RUBICONPR...)
5 7 52.77.136.156 16509 (AMAZON-02)
1 1 35.208.249.213 19527 (GOOGLE-2)
16 38 173.194.174.154 15169 (GOOGLE)
23 67.199.150.86 62713 (AS-PUBMATIC)
13 15 15.197.193.217 16509 (AMAZON-02)
1 13 69.175.41.15 32475 (SINGLEHOP...)
1 74.214.196.131 19189 (PULSEPOINT)
1 23.106.127.38 59253 (LEASEWEB-...)
1 2 182.161.73.146 55569 (CRITEO-AS...)
19 20 35.213.12.39 15169 (GOOGLE)
1 1 146.0.227.110 29066 (VELIANET-...)
2 2 3.120.3.26 16509 (AMAZON-02)
5 26 34.98.64.218 396982 (GOOGLE-CL...)
6 15 52.223.2.229 16509 (AMAZON-02)
2 2 52.206.38.106 14618 (AMAZON-AES)
1 2 203.195.121.141 7979 (SERVERS-COM)
1 82.145.213.8 39832 (NO-OPERA)
4 4 98.98.134.242 21859 (ZEN-ECN)
4 34.160.128.112 396982 (GOOGLE-CL...)
5 13.224.153.155 ()
3 5 103.229.10.247 16509 (AMAZON-02)
1 34.102.146.192 ()
3 182.161.73.129 ()
2 104.22.52.86 ()
1 151.101.65.229 ()
1 34.96.70.87 ()
1 54.192.18.65 ()
10 34.107.140.113 396982 (GOOGLE-CL...)
1 13.226.120.104 16509 (AMAZON-02)
3 74.125.203.132 15169 (GOOGLE)
1 42.99.140.216 ()
4 52.198.69.30 16509 (AMAZON-02)
2 207.65.33.78 62713 (AS-PUBMATIC)
1 72.34.250.77 27630 (AS-XFERNET)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 35.213.117.18 15169 (GOOGLE)
17 172.66.42.247 13335 (CLOUDFLAR...)
3 74.125.23.95 15169 (GOOGLE)
8 104.65.228.208 16625 (AKAMAI-AS)
11 54.192.18.43 16509 (AMAZON-02)
4 4 35.214.239.95 15169 (GOOGLE)
2 9 139.5.84.243 ()
4 5 13.228.126.19 16509 (AMAZON-02)
2 2 3.221.215.100 ()
2 2 184.51.96.11 ()
3 3 209.191.163.210 32475 (SINGLEHOP...)
1 1 96.17.72.26 ()
1 1 80.77.87.163 ()
1 2 23.106.127.39 ()
1 1 37.157.2.234 ()
1 1 54.251.167.151 ()
2 15 142.251.8.132 15169 (GOOGLE)
5 64.233.187.139 15169 (GOOGLE)
4 142.250.157.102 15169 (GOOGLE)
1 108.177.97.100 15169 (GOOGLE)
1 142.251.8.101 15169 (GOOGLE)
1 1 18.182.162.148 16509 (AMAZON-02)
1 1 107.23.98.28 14618 (AMAZON-AES)
1 1 103.3.63.48 63949 (AKAMAI-LI...)
1 1 18.176.234.133 16509 (AMAZON-02)
2 2 54.192.18.94 16509 (AMAZON-02)
1 2 23.73.13.34 16625 (AKAMAI-AS)
4 4 103.229.206.240 30419 (MEDIAMATH...)
1 1 18.177.128.84 16509 (AMAZON-02)
2 3 35.186.253.211 15169 (GOOGLE)
3 3 50.116.239.135 6336 (TURN-US-ASN)
2 2 54.192.18.68 16509 (AMAZON-02)
1 7 18.142.188.55 16509 (AMAZON-02)
1 34.249.124.14 16509 (AMAZON-02)
3 207.65.33.83 62713 (AS-PUBMATIC)
5 172.217.194.94 15169 (GOOGLE)
1 151.101.1.108 54113 (FASTLY)
1 104.18.11.47 13335 (CLOUDFLAR...)
4 23.39.5.30 16625 (AKAMAI-AS)
1 1 23.108.98.2 ()
8 9 104.254.148.252 29990 (ASN-APPNEX)
2 3.114.50.162 16509 (AMAZON-02)
2 220.150.223.50 4686 (BEKKOAME ...)
1 1 198.8.71.130 54312 (ROCKETFUEL)
2 3 151.101.194.49 54113 (FASTLY)
1 1 18.138.18.111 16509 (AMAZON-02)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 52.220.229.2 16509 (AMAZON-02)
1 1 172.104.45.159 63949 (AKAMAI-LI...)
2 2 52.74.118.249 16509 (AMAZON-02)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
2 8.18.47.7 398989 (DEEPINTENT)
4 6 34.111.113.62 396982 (GOOGLE-CL...)
2 3 3.0.235.178 16509 (AMAZON-02)
3 3 35.247.47.28 396982 (GOOGLE-CL...)
1 1 51.68.39.188 16276 (OVH)
1 4 67.199.150.85 62713 (AS-PUBMATIC)
2 3 185.84.60.20 198622 (ADFORM)
6 6 89.207.22.76 399104 (CNVR-APAC)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 104.254.151.68 29990 (ASN-APPNEX)
1 3 13.107.42.14 8068 (MICROSOFT...)
2 2 35.213.93.179 15169 (GOOGLE)
1 13.107.21.200 8068 (MICROSOFT...)
3 3 50.31.142.159 23352 (SERVERCEN...)
1 1 104.69.166.9 16625 (AKAMAI-AS)
16 16 74.118.186.107 6336 (TURN-US-ASN)
2 3 52.95.126.160 16509 (AMAZON-02)
2 21 52.46.128.147 16509 (AMAZON-02)
3 162.19.138.118 16276 (OVH)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 13.251.138.231 16509 (AMAZON-02)
2 162.19.138.120 16276 (OVH)
3 3 13.213.158.5 16509 (AMAZON-02)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
3 3 18.177.86.134 16509 (AMAZON-02)
2 2 8.43.72.97 26667 (RUBICONPR...)
1 2 69.173.144.139 26667 (RUBICONPR...)
1 1 18.143.30.9 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 18.177.11.95 16509 (AMAZON-02)
1 151.101.193.44 54113 (FASTLY)
1 141.226.224.32 ()
1 13.224.167.49 ()
1 34.120.107.143 ()
2 35.190.39.111 ()
2 2 35.74.46.191 ()
2 54.230.87.112 ()
2 52.206.96.191 ()
1 23.202.140.104 ()
2 54.169.214.108 ()
1 2 52.59.86.212 ()
1 2 67.202.105.32 ()
1 3 51.89.9.253 ()
1 1 72.34.250.75 ()
1 2 67.199.150.82 ()
652 140
33    104.18.21.177 (None, )

ASN13335 (CLOUDFLARENET, US)
www.themarysue.com
2    13.226.121.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-121-109.hkg62.r.cloudfront.net
static.chartbeat.com
1    139.180.203.10 (Japan)

ASN20473 (AS-CHOOPA, US)
PTR: haproxyfe1.production.nrt.vultr.georiot.com
geniuslinkcdn.com
14    108.177.97.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tm-in-f154.1e100.net
pagead2.googlesyndication.com
partner.googleadservices.com
3    74.125.204.97 (United States)

ASN15169 (GOOGLE, US)
PTR: ti-in-f97.1e100.net
www.googletagmanager.com
5    104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)
a.pub.network
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
2    104.16.123.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    35.244.133.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.133.244.35.bc.googleusercontent.com
skisofa.com
4    13.226.120.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-120-66.hkg62.r.cloudfront.net
sb.scorecardresearch.com
2    157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
1    151.101.0.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
5    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
themarysue.disqus.com
1    13.224.167.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-167-17.hkg54.r.cloudfront.net
static.hotjar.com
19    34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
19    54.192.18.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-66.hkg62.r.cloudfront.net
cmp.quantcast.com
sync.intentiq.com
sync1.intentiq.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
2    34.120.157.206 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.157.120.34.bc.googleusercontent.com
spc.themarysue.com
5    64.233.187.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f156.1e100.net
googleads.g.doubleclick.net
3    64.233.189.101 (United States)

ASN15169 (GOOGLE, US)
PTR: tl-in-f101.1e100.net
www.google-analytics.com
3    3.222.109.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-109-236.compute-1.amazonaws.com
ping.chartbeat.net
13    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
match.taboola.com
1    104.21.76.254 (None, )

ASN13335 (CLOUDFLARENET, US)
geoip.gamurs.workers.dev
2    13.107.213.71 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    54.192.18.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-72.hkg62.r.cloudfront.net
static.adsafeprotected.com
32    13.224.167.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-167-7.hkg54.r.cloudfront.net
live.primis.tech
2    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
2    172.64.153.246 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
6    74.125.203.155 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f155.1e100.net
www.googletagservices.com
1    104.26.9.50 (None, )

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    172.67.70.134 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    104.22.53.173 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    54.192.18.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-24.hkg62.r.cloudfront.net
script.hotjar.com
1    216.239.34.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    64.233.188.157 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f157.1e100.net
stats.g.doubleclick.net
4    64.233.188.94 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f94.1e100.net
www.google.com.au
www.gstatic.com
10    104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
11    142.251.8.157 (United States)

ASN15169 (GOOGLE, US)
PTR: tb-in-f157.1e100.net
securepubads.g.doubleclick.net
4    142.251.12.103 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f103.1e100.net
www.google.com
2    104.26.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.157.148 (United States)

ASN15169 (GOOGLE, US)
PTR: ta-in-f148.1e100.net
ad.doubleclick.net
7    20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
v.clarity.ms
4    64.233.188.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f154.1e100.net
adservice.google.com.au
4    74.125.23.155 (United States)

ASN15169 (GOOGLE, US)
PTR: tg-in-f155.1e100.net
adservice.google.com
5    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
5    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
12    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
2    3.120.85.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    23.106.127.53 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
14    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
7    52.77.136.156 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-136-156.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
38    173.194.174.154 (United States)

ASN15169 (GOOGLE, US)
PTR: td-in-f154.1e100.net
cm.g.doubleclick.net
23    67.199.150.86 (Singapore)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
15    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
13    69.175.41.15 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
ce.lijit.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.106.127.38 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
20    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
2    3.120.3.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-3-26.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
26    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
jp-u.openx.net
google-bidout-d.openx.net
eu-u.openx.net
15    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    52.206.38.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-38-106.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    203.195.121.141 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
4    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
4    34.160.128.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.128.160.34.bc.googleusercontent.com
api.floors.dev
5    13.224.153.155 (None, )

ASN- ()
c.amazon-adsystem.com
5    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    34.102.146.192 (None, )

ASN- ()
oa.openxcdn.net
3    182.161.73.129 (None, )

ASN- ()
static.criteo.net
2    104.22.52.86 (None, )

ASN- ()
cdn.id5-sync.com
1    151.101.65.229 (None, )

ASN- ()
cdn.jsdelivr.net
1    34.96.70.87 (None, )

ASN- ()
invstatic101.creativecdn.com
1    54.192.18.65 (None, )

ASN- ()
tags.crwdcntrl.net
10    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
1    13.226.120.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-120-104.hkg62.r.cloudfront.net
api.intentiq.com
3    74.125.203.132 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f132.1e100.net
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
1    42.99.140.216 (None, )

ASN- ()
qsearch-a.akamaihd.net
4    52.198.69.30 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-69-30.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
2    207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    72.34.250.77 (Beaumont, United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
17    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3006.infolinks.com
3    74.125.23.95 (United States)

ASN15169 (GOOGLE, US)
PTR: tg-in-f95.1e100.net
fonts.googleapis.com
8    104.65.228.208 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
11    54.192.18.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-43.hkg62.r.cloudfront.net
video.primis.tech
4    35.214.239.95 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 95.239.214.35.bc.googleusercontent.com
csync.loopme.me
9    139.5.84.243 (None, )

ASN- ()
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5    13.228.126.19 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
2    3.221.215.100 (None, )

ASN- ()
mb9eo.publishers.tremorhub.com
2    184.51.96.11 (None, )

ASN- ()
cs.media.net
3    209.191.163.210 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    96.17.72.26 (None, )

ASN- ()
ads.stickyadstv.com
1    80.77.87.163 (None, )

ASN- ()
cs.admanmedia.com
2    23.106.127.39 (None, )

ASN- ()
ssbsync-global.smartadserver.com
1    37.157.2.234 (None, )

ASN- ()
cm.adform.net
1    54.251.167.151 (None, )

ASN- ()
match.sharethrough.com
15    142.251.8.132 (United States)

ASN15169 (GOOGLE, US)
PTR: tb-in-f132.1e100.net
tpc.googlesyndication.com
5    64.233.187.139 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f139.1e100.net
encrypted-tbn3.gstatic.com
4    142.250.157.102 (United States)

ASN15169 (GOOGLE, US)
PTR: ta-in-f102.1e100.net
encrypted-tbn0.gstatic.com
1    108.177.97.100 (United States)

ASN15169 (GOOGLE, US)
PTR: tm-in-f100.1e100.net
encrypted-tbn2.gstatic.com
1    142.251.8.101 (United States)

ASN15169 (GOOGLE, US)
PTR: tb-in-f101.1e100.net
encrypted-tbn1.gstatic.com
1    18.182.162.148 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-162-148.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
1    107.23.98.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-98-28.compute-1.amazonaws.com
fksnk.com
1    103.3.63.48 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li819-48.members.linode.com
a.c.appier.net
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
2    54.192.18.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-94.hkg62.r.cloudfront.net
s.ad.smaato.net
2    23.73.13.34 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-34.deploy.static.akamaitechnologies.com
sync.teads.tv
4    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    18.177.128.84 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-128-84.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    54.192.18.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-68.hkg62.r.cloudfront.net
cr-p3.ladsp.com
7    18.142.188.55 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-188-55.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    34.249.124.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-124-14.eu-west-1.compute.amazonaws.com
hb.minutemedia-prebid.com
3    207.65.33.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
4    23.39.5.30 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-5-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    23.108.98.2 (None, )

ASN- ()
sync.aralego.com
9    104.254.148.252 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
2    3.114.50.162 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-50-162.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
1    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.138.18.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    172.104.45.159 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1625-159.members.linode.com
gocm.c.appier.net
2    52.74.118.249 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
apsoutheast-match.deepintent.com
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    3.0.235.178 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-235-178.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
3    35.247.47.28 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com
um.simpli.fi
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
4    67.199.150.85 (Singapore)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    89.207.22.76 (Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin01-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
openx2-match.dotomi.com
yieldmo-match.dotomi.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    50.31.142.159 (Itasca, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    104.69.166.9 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com
stags.bluekai.com
16    74.118.186.107 (Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
3    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
21    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    13.251.138.231 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-138-231.ap-southeast-1.compute.amazonaws.com
id.crwdcntrl.net
2    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    13.213.158.5 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-158-5.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
3    18.177.86.134 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-86-134.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    18.143.30.9 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-30-9.ap-southeast-1.compute.amazonaws.com
i.w55c.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (None, )

ASN- ()
cds.taboola.com
1    13.224.167.49 (None, )

ASN- ()
rules.quantcount.com
1    34.120.107.143 (None, )

ASN- ()
oajs.openx.net
2    35.190.39.111 (None, )

ASN- ()
esp.rtbhouse.com
2    35.74.46.191 (None, )

ASN- ()
pool.admedo.com
2    54.230.87.112 (None, )

ASN- ()
aax.amazon-adsystem.com
2    52.206.96.191 (None, )

ASN- ()
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    23.202.140.104 (None, )

ASN- ()
secure.cdn.fastclick.net
2    54.169.214.108 (None, )

ASN- ()
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
2    52.59.86.212 (None, )

ASN- ()
j.mrpdata.net
2    67.202.105.32 (None, )

ASN- ()
de.tynt.com
hde.tynt.com
3    51.89.9.253 (None, )

ASN- ()
onetag-sys.com
1    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
2    67.199.150.82 (None, )

ASN- ()
image8.pubmatic.com
Apex Domain
Subdomains		 Transfer
57 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 121
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
ad.doubleclick.net — Cisco Umbrella Rank: 182
cm.g.doubleclick.net — Cisco Umbrella Rank: 248
221 KB
43 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2776
video.primis.tech — Cisco Umbrella Rank: 6335
6 MB
42 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 730
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 545 Failed
ads.pubmatic.com — Cisco Umbrella Rank: 541
image6.pubmatic.com — Cisco Umbrella Rank: 786
image2.pubmatic.com — Cisco Umbrella Rank: 971
image4.pubmatic.com — Cisco Umbrella Rank: 1167
simage4.pubmatic.com — Cisco Umbrella Rank: 1325
image8.pubmatic.com
62 KB
35 themarysue.com
www.themarysue.com — Cisco Umbrella Rank: 146667
spc.themarysue.com — Cisco Umbrella Rank: 470935
582 KB
32 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 959
trc.taboola.com — Cisco Umbrella Rank: 632
ch-trc-events.taboola.com — Cisco Umbrella Rank: 5147
sync.taboola.com — Cisco Umbrella Rank: 1077
sync-t1.taboola.com — Cisco Umbrella Rank: 1310
match.taboola.com — Cisco Umbrella Rank: 5348
pips.taboola.com — Cisco Umbrella Rank: 1625
cds.taboola.com
220 KB
31 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1023
s.amazon-adsystem.com — Cisco Umbrella Rank: 335
aax.amazon-adsystem.com
138 KB
30 openx.net
u.openx.net — Cisco Umbrella Rank: 723
rtb.openx.net — Cisco Umbrella Rank: 1149
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 9817
oajs.openx.net
google-bidout-d.openx.net
eu-u.openx.net
6 KB
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 127
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 154
588 KB
24 pub.network
a.pub.network — Cisco Umbrella Rank: 5554
d.pub.network — Cisco Umbrella Rank: 5880
c.pub.network — Cisco Umbrella Rank: 5678
374 KB
22 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 375
eus.rubiconproject.com — Cisco Umbrella Rank: 627
token.rubiconproject.com — Cisco Umbrella Rank: 636
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1154
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2358
pixel-us-apac.rubiconproject.com Failed
secure-assets.rubiconproject.com Failed
34 KB
21 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 356
grid.bidswitch.net — Cisco Umbrella Rank: 1067 Failed
11 KB
18 gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
fonts.gstatic.com
396 KB
18 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1616
sync.intentiq.com — Cisco Umbrella Rank: 1246
sync1.intentiq.com — Cisco Umbrella Rank: 3132
17 KB
17 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 7327
router.infolinks.com
rt3006.infolinks.com
68 KB
16 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1019
ap.lijit.com — Cisco Umbrella Rank: 724 Failed
21 KB
15 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 406
tlx.3lift.com Failed
6 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 385
data.adsrvr.org — Cisco Umbrella Rank: 5200
8 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244 Failed
acdn.adnxs.com — Cisco Umbrella Rank: 600
secure.adnxs.com — Cisco Umbrella Rank: 472
27 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 454
ups.analytics.yahoo.com — Cisco Umbrella Rank: 334
pn.ybp.yahoo.com Failed
6 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 630
5 KB
10 t13.io
s2s.t13.io — Cisco Umbrella Rank: 5352
2 KB
10 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2356
678 B
9 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 686
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
6 KB
9 casalemedia.com
htlb.casalemedia.com Failed
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com Failed
9 KB
9 google.com
analytics.google.com — Cisco Umbrella Rank: 272
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 106
2 KB
9 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1005
v.clarity.ms — Cisco Umbrella Rank: 8246
23 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
dis.criteo.com — Cisco Umbrella Rank: 602
bidder.criteo.com Failed
8 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1292
usermatch.targeting.unrulymedia.com
3 KB
6 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4235
openx2-match.dotomi.com
yieldmo-match.dotomi.com
2 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 511
1 KB
6 google.com.au
www.google.com.au — Cisco Umbrella Rank: 21532
adservice.google.com.au — Cisco Umbrella Rank: 103132
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
296 KB
6 disqus.com
disqus.com — Cisco Umbrella Rank: 1249
themarysue.disqus.com — Cisco Umbrella Rank: 510243
ssp.disqus.com Failed
7 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3595
r.skimresources.com — Cisco Umbrella Rank: 3401
t.skimresources.com — Cisco Umbrella Rank: 3549
p.skimresources.com — Cisco Umbrella Rank: 4783
21 KB
5 crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 937
id.crwdcntrl.net — Cisco Umbrella Rank: 3341
14 KB
5 id5-sync.com
cdn.id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 427
36 KB
5 quantserve.com
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 817
11 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 991
i.w55c.net — Cisco Umbrella Rank: 2541
3 KB
4 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1078
idsync.rlcdn.com — Cisco Umbrella Rank: 433
1 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 548
2 KB
4 adform.net
cm.adform.net
c1.adform.net — Cisco Umbrella Rank: 626
2 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 999
925 B
4 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1810 Failed
4 KB
4 floors.dev
api.floors.dev — Cisco Umbrella Rank: 9079
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 729
2 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 861
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 614
ssbsync-global.smartadserver.com
697 B
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 157
3 KB
4 skisofa.com
skisofa.com — Cisco Umbrella Rank: 390360
27 KB
3 onetag-sys.com
onetag-sys.com
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 588
1 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 569
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 390
994 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 953
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 748
917 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1017
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
imasdk.googleapis.com Failed
2 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1537 Failed
cs.media.net
3 KB
3 criteo.net
static.criteo.net
73 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 1063
api.btloader.com — Cisco Umbrella Rank: 1168
82 KB
3 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1295
601 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
205 KB
2 tynt.com
de.tynt.com
hde.tynt.com
3 KB
2 mrpdata.net
j.mrpdata.net
536 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
459 B
2 admedo.com
pool.admedo.com
1 KB
2 rtbhouse.com
esp.rtbhouse.com
315 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 840
883 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1101
810 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2693
973 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1156
apsoutheast-match.deepintent.com
83 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 851
s.tribalfusion.com — Cisco Umbrella Rank: 1995
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1598
1 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6059
673 B
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3144
486 B
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 17197
440 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 21445
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1394
603 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 808
1 KB
2 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 71186
bk.r-ad.ne.jp — Cisco Umbrella Rank: 27052
1 KB
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 17567
gocm.c.appier.net — Cisco Umbrella Rank: 2499
938 B
2 tremorhub.com
mb9eo.publishers.tremorhub.com
720 B
2 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2141 Failed
sync.go.sonobi.com
2 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1813
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 758
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1152
1 KB
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3009
635 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1076
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1086
434 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1143
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1528
95 KB
2 optimise.net
optimise.net — Cisco Umbrella Rank: 7209
559 B
2 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3242
50 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 733
script.hotjar.com — Cisco Umbrella Rank: 1102
73 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
89 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1018
3 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2949
pixel.wp.com — Cisco Umbrella Rank: 2679
5 KB
2 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1660
mab.chartbeat.com Failed
25 KB
1 advertising.com
pixel.advertising.com
273 B
1 fastclick.net
secure.cdn.fastclick.net
17 KB
1 quantcount.com
rules.quantcount.com
1 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2157
173 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4646
392 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 578
823 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 252
669 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4422
465 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3453
566 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6427
277 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3439
644 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 21794
652 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 940
793 B
1 aralego.com
sync.aralego.com
597 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 692
2 KB
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3974
455 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 29987
585 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 5126
610 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 19514
302 B
1 admanmedia.com
cs.admanmedia.com
691 B
1 stickyadstv.com
ads.stickyadstv.com
691 B
1 akamaihd.net
qsearch-a.akamaihd.net
381 B
1 sharethrough.com
btlr.sharethrough.com Failed
match.sharethrough.com
589 B
1 creativecdn.com
invstatic101.creativecdn.com
2 KB
1 jsdelivr.net
cdn.jsdelivr.net
901 B
1 openxcdn.net
oa.openxcdn.net
8 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 3258
466 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2616
394 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 625
882 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1119
188 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2540
10 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6892
451 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 634
481 B
1 workers.dev
geoip.gamurs.workers.dev — Cisco Umbrella Rank: 90600
576 B
1 geniuslinkcdn.com
geniuslinkcdn.com — Cisco Umbrella Rank: 58664
2 KB
0 adotmob.com Failed
sync.adotmob.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 cmcd1.com Failed
e-jp.cmcd1.com Failed
0 rundsp.com Failed
match.rundsp.com Failed
0 33across.com Failed
lexicon.33across.com Failed
ssc-cms.33across.com Failed
cdn-ima.33across.com Failed
0 nex8.net Failed
cs.nex8.net Failed
0 semasio.net Failed
uipglob.semasio.net Failed
652 140
Domain Requested by
38 cm.g.doubleclick.net 16 redirects www.themarysue.com
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
onetag-sys.com
33 www.themarysue.com 1 redirects www.themarysue.com
32 live.primis.tech 15 redirects www.themarysue.com
live.primis.tech
21 s.amazon-adsystem.com 2 redirects www.themarysue.com
ce.lijit.com
us-u.openx.net
c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
ads.pubmatic.com
eus.rubiconproject.com
ssum-sec.casalemedia.com
sync-amz.ads.yieldmo.com
onetag-sys.com
20 x.bidswitch.net 19 redirects www.themarysue.com
onetag-sys.com
18 c.pub.network a.pub.network
16 sync.intentiq.com 1 redirects live.primis.tech
www.themarysue.com
ads.pubmatic.com
16 simage2.pubmatic.com www.themarysue.com
ads.pubmatic.com
15 tpc.googlesyndication.com 2 redirects f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
15 eb2.3lift.com 6 redirects www.themarysue.com
a.pub.network
eb2.3lift.com
14 match.adsrvr.org 12 redirects a.pub.network
live.primis.tech
onetag-sys.com
13 ce.lijit.com 1 redirects www.themarysue.com
a.pub.network
ads.pubmatic.com
ce.lijit.com
us-u.openx.net
12 pagead2.googlesyndication.com www.themarysue.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
www.googletagservices.com
11 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
onetag-sys.com
11 us-u.openx.net u.openx.net
ce.lijit.com
us-u.openx.net
google-bidout-d.openx.net
11 video.primis.tech live.primis.tech
www.themarysue.com
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.themarysue.com
10 sync.1rx.io 10 redirects router.infolinks.com
10 s2s.t13.io a.pub.network
www.themarysue.com
u.openx.net
ce.lijit.com
ads.pubmatic.com
10 pixel.rubiconproject.com 6 redirects www.themarysue.com
onetag-sys.com
10 id.hadron.ad.gt cdn.hadronid.net
a.pub.network
9 ib.adnxs.com a.pub.network
acdn.adnxs.com
onetag-sys.com
9 u.openx.net 5 redirects www.themarysue.com
a.pub.network
s.amazon-adsystem.com
9 sync.taboola.com 2 redirects www.themarysue.com
8 ads.pubmatic.com live.primis.tech
a.pub.network
www.themarysue.com
ce.lijit.com
s.amazon-adsystem.com
8 cdn.taboola.com s.skimresources.com
cdn.taboola.com
www.themarysue.com
7 image2.pubmatic.com ads.pubmatic.com
www.themarysue.com
7 ads.yieldmo.com 1 redirects a.pub.network
ads.yieldmo.com
sync-amz.ads.yieldmo.com
7 pr-bh.ybp.yahoo.com 5 redirects u.openx.net
www.themarysue.com
7 v.clarity.ms www.clarity.ms
6 pixel.tapad.com 4 redirects www.themarysue.com
ads.yieldmo.com
router.infolinks.com
6 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
router.infolinks.com
ssum-sec.casalemedia.com
6 www.googletagservices.com a.pub.network
securepubads.g.doubleclick.net
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 sync.targeting.unrulymedia.com 5 redirects
5 fonts.gstatic.com fonts.googleapis.com
5 encrypted-tbn3.gstatic.com f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
5 resources.infolinks.com securepubads.g.doubleclick.net
www.themarysue.com
resources.infolinks.com
router.infolinks.com
5 c.amazon-adsystem.com a.pub.network
live.primis.tech
c.amazon-adsystem.com
5 ch-trc-events.taboola.com www.themarysue.com
cdn.taboola.com
5 gum.criteo.com cdn.taboola.com
a.pub.network
static.criteo.net
gum.criteo.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 themarysue.disqus.com www.themarysue.com
themarysue.disqus.com
5 a.pub.network www.themarysue.com
a.pub.network
4 token.rubiconproject.com 4 redirects
4 eus.rubiconproject.com a.pub.network
eus.rubiconproject.com
s.amazon-adsystem.com
4 jp-u.openx.net u.openx.net
us-u.openx.net
4 sync.mathtag.com 4 redirects
4 encrypted-tbn0.gstatic.com f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
4 ups.analytics.yahoo.com 3 redirects google-bidout-d.openx.net
onetag-sys.com
4 csync.loopme.me 4 redirects
4 g2.gumgum.com a.pub.network
4 api.floors.dev a.pub.network
4 pixel-sync.sitescout.com 4 redirects
4 trc.taboola.com cdn.taboola.com
www.themarysue.com
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 www.google.com www.themarysue.com
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
4 sb.scorecardresearch.com 2 redirects www.themarysue.com
4 skisofa.com www.themarysue.com
skisofa.com
3 dsum-sec.casalemedia.com ssum-sec.casalemedia.com
3 onetag-sys.com 1 redirects router.infolinks.com
onetag-sys.com
3 match.prod.bidr.io 3 redirects
3 idsync.rlcdn.com 2 redirects www.themarysue.com
3 pm.w55c.net 3 redirects
3 id5-sync.com live.primis.tech
cdn.id5-sync.com
3 aax-eu.amazon-adsystem.com 2 redirects www.themarysue.com
3 b1sync.zemanta.com 3 redirects router.infolinks.com
ssum-sec.casalemedia.com
3 px.ads.linkedin.com 1 redirects eb2.3lift.com
www.themarysue.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 um.simpli.fi 3 redirects
3 sync.crwdcntrl.net 2 redirects www.themarysue.com
3 cms.quantserve.com 3 redirects router.infolinks.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 ad.turn.com 3 redirects
3 rtb.openx.net 2 redirects u.openx.net
3 fonts.googleapis.com live.primis.tech
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
3 f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 ap.lijit.com a.pub.network
3 static.criteo.net securepubads.g.doubleclick.net
a.pub.network
static.criteo.net
3 sync-t1.taboola.com www.themarysue.com
3 ping.chartbeat.net www.themarysue.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.themarysue.com
3 www.googletagmanager.com www.themarysue.com
www.googletagmanager.com
2 yieldmo-match.dotomi.com 2 redirects
2 image8.pubmatic.com 1 redirects onetag-sys.com
2 j.mrpdata.net 1 redirects u.openx.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 openx2-match.dotomi.com 2 redirects
2 pool.admedo.com 2 redirects
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 pippio.com 2 redirects
2 lb.eu-1-id5-sync.com live.primis.tech
cdn.id5-sync.com
2 simage4.pubmatic.com ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com 1 redirects www.themarysue.com
router.infolinks.com
2 cm.adgrx.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 sync-dsp.ad-m.asia u.openx.net
ads.pubmatic.com
2 dps.jp.cinarra.com u.openx.net
ads.pubmatic.com
2 cr-p3.ladsp.com 2 redirects
2 sync.teads.tv 1 redirects f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
2 s.ad.smaato.net 2 redirects
2 www.gstatic.com f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 cs.media.net 2 redirects router.infolinks.com
2 mb9eo.publishers.tremorhub.com 2 redirects
2 hbopenbid.pubmatic.com a.pub.network
live.primis.tech
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.themarysue.com
2 ads.betweendigital.com 1 redirects www.themarysue.com
2 sync.srv.stackadapt.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 ih.adscale.de 2 redirects
2 tg.socdm.com 2 redirects
2 api.btloader.com freestar-io.videoplayerhub.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 ad-delivery.net www.themarysue.com
2 www.google.com.au www.themarysue.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 optimise.net a.pub.network
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
2 spc.themarysue.com www.themarysue.com
2 p.skimresources.com www.themarysue.com
2 t.skimresources.com www.themarysue.com
s.skimresources.com
2 cmp.quantcast.com a.pub.network
cmp.quantcast.com
2 connect.facebook.net www.themarysue.com
connect.facebook.net
2 unpkg.com 1 redirects www.themarysue.com
2 static.chartbeat.com www.themarysue.com
1 rt3006.infolinks.com resources.infolinks.com
1 sync-pm.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 pixel.advertising.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 usermatch.targeting.unrulymedia.com 1 redirects
1 hde.tynt.com router.infolinks.com
1 de.tynt.com 1 redirects
1 eu-u.openx.net u.openx.net
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 secure.cdn.fastclick.net www.themarysue.com
1 apsoutheast-match.deepintent.com google-bidout-d.openx.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 oajs.openx.net oa.openxcdn.net
1 rules.quantcount.com secure.quantserve.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 bk.r-ad.ne.jp 1 redirects
1 tr.blismedia.com us-u.openx.net
1 i.w55c.net 1 redirects
1 data.adsrvr.org 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 id.crwdcntrl.net live.primis.tech
1 api.rlcdn.com live.primis.tech
1 stags.bluekai.com 1 redirects
1 c.bing.com eb2.3lift.com
1 secure.adnxs.com 1 redirects router.infolinks.com
1 ads.playground.xyz 1 redirects
1 dsp.nrich.ai 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 p.rfihub.com 1 redirects router.infolinks.com
1 sync.aralego.com 1 redirects
1 js-sec.indexww.com a.pub.network
1 acdn.adnxs.com a.pub.network
1 hb.minutemedia-prebid.com live.primis.tech
1 dynalyst-sync.adtdp.com 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 a.c.appier.net 1 redirects
1 fksnk.com 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 encrypted-tbn1.gstatic.com f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
1 encrypted-tbn2.gstatic.com f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
1 match.sharethrough.com 1 redirects
1 cm.adform.net 1 redirects
1 cs.admanmedia.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 pixel.quantserve.com www.themarysue.com
1 qsearch-a.akamaihd.net www.themarysue.com
1 sync1.intentiq.com www.themarysue.com
1 api.intentiq.com live.primis.tech
1 apex.go.sonobi.com a.pub.network
1 prebid.media.net a.pub.network
1 grid.bidswitch.net a.pub.network
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 secure.quantserve.com a.pub.network
1 t.adx.opera.com www.themarysue.com
1 match.taboola.com www.themarysue.com
1 inv-nets.admixer.net 1 redirects
1 rtb-csync.smartadserver.com www.themarysue.com
1 bh.contextweb.com www.themarysue.com
1 trace.mediago.io 1 redirects
1 ssbsync.smartadserver.com www.themarysue.com
1 ad.doubleclick.net www.themarysue.com
1 analytics.google.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 cdn.hadronid.net www.themarysue.com
1 btloader.com www.themarysue.com
1 freestar-io.videoplayerhub.com 1 redirects
1 static.adsafeprotected.com www.themarysue.com
1 geoip.gamurs.workers.dev www.themarysue.com
1 pixel.wp.com www.themarysue.com
1 r.skimresources.com s.skimresources.com
1 d.pub.network a.pub.network
1 static.hotjar.com www.themarysue.com
1 disqus.com 1 redirects
1 s.skimresources.com www.themarysue.com
1 stats.wp.com www.themarysue.com
1 geniuslinkcdn.com www.themarysue.com
0 imasdk.googleapis.com Failed resources.infolinks.com
0 cdn-ima.33across.com Failed resources.infolinks.com
0 secure-assets.rubiconproject.com Failed hde.tynt.com
0 pn.ybp.yahoo.com Failed googleads.g.doubleclick.net
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 pixel-us-apac.rubiconproject.com Failed sync-amz.ads.yieldmo.com
0 dsum.casalemedia.com Failed ssum-sec.casalemedia.com
0 ssc-cms.33across.com Failed router.infolinks.com
hde.tynt.com
0 ssp.disqus.com Failed router.infolinks.com
0 ad.360yield.com Failed router.infolinks.com
0 e-jp.cmcd1.com Failed u.openx.net
0 match.rundsp.com Failed us-u.openx.net
0 lexicon.33across.com Failed live.primis.tech
0 cs.nex8.net Failed u.openx.net
0 bidder.criteo.com Failed a.pub.network
0 htlb.casalemedia.com Failed a.pub.network
0 tlx.3lift.com Failed a.pub.network
0 btlr.sharethrough.com Failed a.pub.network
0 uipglob.semasio.net Failed www.themarysue.com
0 mab.chartbeat.com Failed static.chartbeat.com
652 240
Subject Issuer Validity Valid
themarysue.com
E1		 2023-05-02 -
2023-07-31		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
geniuslinkcdn.com
R3		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-26 -
2024-02-25		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
skisofa.com
R3		 2023-05-29 -
2023-08-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-17 -
2023-06-15		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
d.pub.network
GTS CA 1D4		 2023-04-20 -
2023-07-19		 3 months crt.sh
cmp.quantcast.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
spc.gamepur.com
GTS CA 1D4		 2023-05-14 -
2023-08-12		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2022-10-24 -
2023-11-22		 a year crt.sh
optimise.net
GTS CA 1D4		 2023-05-26 -
2023-08-24		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-05-25 -
2023-08-23		 3 months crt.sh
*.hadronid.net
GTS CA 1P5		 2023-04-11 -
2023-07-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
c.pub.network
GTS CA 1D4		 2023-04-20 -
2023-07-19		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
api.floors.dev
GTS CA 1D4		 2023-05-22 -
2023-08-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
s2s.t13.io
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M02		 2023-02-03 -
2023-10-12		 8 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh

This page contains 83 frames:

Primary Page: https://www.themarysue.com/
Frame ID: 39E5EE28282F1303425BB90255D37ADB
Requests: 261 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8478063450306106
Frame ID: FF45ED7DE0D4F1446D0D02CB5B13CBF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230601/r20190131/zrt_lookup.html
Frame ID: 7D3AEFF3FC1FCFEB988C4127D3511571
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1686180951&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 525D9EE17CBD850A74D4719D43052072
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=522671305&adf=1178619241&lmt=1686180954&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180947023&bpp=3&bdt=2732&idt=4988&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7112081316901&frm=20&pv=2&ga_vid=2003950130.1686180950&ga_sid=1686180954&ga_hid=552143194&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788441%2C44793497%2C44789819&oid=2&pvsid=798598736179353&tmod=1060662944&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=7032
Frame ID: D35A561AE1FF05DB35887E5C5390F851
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZIEUXsCo8X4AACKnetcAAAAA
Frame ID: 9D7DBA156EDEB53183CD416881B50F5F
Requests: 24 HTTP requests in this frame

Frame: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 540D9869C195E4DFC2481E7066BA0A7A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvt8CAFLHl_OO2LQiVD_OkLFY41Rf1UUBqATYkoLQ0sIpytdhnRdbZ2duSNg27WLuxuFpNNXrUyFtJRYzsPHJR4MAe2AzSrhKNzn-_6pdwzgetJZDlm2oA1ktcsWBbKdO12tgCrEZ7jkt1nwTYFqNF18QMojFDkrnvIEW0W-_-99BshkLilDjrnpvDwNPKvA_djw5Zmt_w3_UOpISLCFGyUeFf6YSZJvRO-QWmRNPGMJsYqLzgi6ghh3NXcZNNyyiL4_urAIS1_Q3KqJomTR8G_8s0vWC9KkbFO4_wGelMg4gL710880JoPJGe_KNe1HMVPcv_mV6CYTd-Bbv6H3RPQapPi9AVU5jDaI6M2XZm52-KQdsUOg&sai=AMfl-YQOWHJG3CMIwXInfE_vLWFyfKs7K68ISnBkKnElWuI_d_qHjSX7fw-0kqjZ8lb11ivVUpH_GN1eX6bevkvffPVbp4iUx7wBPCdA2YWfiW01WK0mJh7d6F63P557Gfs&sig=Cg0ArKJSzNyKInF_Bb-FEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 162353984A9AAA578B522BDE999124D8
Requests: 8 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: A7F69BB76252782A0414DDA0A6E95D2B
Requests: 8 HTTP requests in this frame

Frame: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0153A849F598CBE614E00101C77053F1
Requests: 18 HTTP requests in this frame

Frame: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CAA0057BB8F9149FB9DD2746AEBF6613
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssi33D64S14sveGbKucNfeD0UPRvgPPbHCG8skM6DFmV2Oy61LL13NpGdt5OAca4Z2PI3nlVmu-iOMv-NlGnKqJ_3FCLObDXIMqoqj9R3A1_FPHww6811-gfJxzClAtFCBxuQSkQbkrvmcd8Wjs0bizQ38mgy-HUd-megCNKPqqfnaE7HPx5lunuVBCJWQqFDGNNlMwGQOFWJl2VI5uDaZ-iS5eaDmLjOABLRaV1KrAc52uEXcwut7BWMKVi0Q39qP2amSx_3XuLLWuQIrth6i7MCzpBt7yYG1w-90Ka5H5oF-QzZz5kHdEsd3nNfYoQCmSxB4DND6CNziJlePHl_IXFhKqn0DbPIKc1oDwXtPwfyjA&sai=AMfl-YRVQeD2RbmFtFAFAWI0lV30MoKR_Mbronvqn0ypgWx0zd0QyHkGyr2rUVfaoAxhgwKjfels3L_O-BkJ322Qqge8-PSA3OY3zR-Z1zp0GivfWp3zlAUFVHgUYVXW-CU&sig=Cg0ArKJSzJoE4s22nobVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 952469890AFC8B148BC559D497460779
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Frame ID: C2C5A659089677C5ACF0162D9C47358E
Requests: 18 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1486637409&pcid=c7f087b7-6918-4e83-b578-a443672461e3
Frame ID: B1DDFB0092DA4437A4ED31DC6AED5BFE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 89272E4A9DD204DE13E321F28DC3FD5C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8DFA2CBF80F7758EAF69537166530E6B
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 06EED2D56DC7A790E7C76D59BAF7E25E
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: 91B82ECDEEF7D06F5AA205440DA8F059
Requests: 11 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: B1A900E9035A6027D92EE123898052D8
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Frame ID: 6547AFC1361501861AA6BBCE6EF063EE
Requests: 4 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E30835D9F99106608094ACBC9241A9DD
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 421A266327E9F59EB2586C6E47F3B275
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 7AACFB98A8324CFFE9FAD157607DACC1
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=0&gdpr_consent=
Frame ID: 67F305F367DA9B678A2E1E13076A5DE7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1976306192160214603
Frame ID: BE3B13BD78A7787D0B91F81D434AF3C2
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZIEUZAAQCTiUGABL
Frame ID: 1D18909724636A1801D7D5E3AAC8E083
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1731213324646008949&gdpr=0&gdpr_consent=
Frame ID: 93DDEB063DA68A93E433B06E5C230BF7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dXFIYnJxRmduc0U3IiNdanQnFTduJxUxdyd-efm_
Frame ID: AFAA5171757E2C2BD50FFFE91756B6BC
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C04FC87638B84D253CB9E619FEBD179A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=10cwc1q2awmq
Frame ID: D93BBCCFBC8968494C3E4FDA8076DF5C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
Frame ID: 7CD73678AC361D2C1E1A1FD85778B8F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2bebe3db9cfd47a8ac2b8aa57dfbc642
Frame ID: 507B4FF0C84239E4EB6C2EAD3E4E18D5
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 4E5CD083D17000D018E0639CB8E67F2B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1btffw02l5x9
Frame ID: 1489DCFB0D874FD4F5159D987AC09FD8
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 0348E2D860E46F17D34EB422B3AC48FE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cocU6rIfDxKupdjaYhSBZA
Frame ID: C2748C59B2E3E5F6277316F6317C5489
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=65B55241-7913-40F1-9841-6178CE8D0BA2
Frame ID: 05E3398BE19E7CD377A8D7307057231F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=11bd5a78-058c-11ee-88ea-707b7631d09d
Frame ID: 0DAEC6116A29B6C6059002AF4FE7FF0E
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C782B0F244C69A14B7FC043B1EC156BC
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 1DA2AB1A99517D3ADD5EEBCE5B9B825D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 16F0E4024FF56AEED8A2DBE1F96A7F7F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: B60079BD962A31D18319136BFFB29862
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1402230080&pcid=65B55241-7913-40F1-9841-6178CE8D0BA2
Frame ID: 36FDAADE6A067FDEFF586D12D28C2960
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 6ECD5261536E78C59FD922950095A85A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Frame ID: E5C68512590F5F1FCBB7053B189F5F1C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Frame ID: 512111D7553D8C22D7882ABCE9FD0902
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Frame ID: 85FEDDADD9C3576B1E729D4BA400AB31
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 318ED5AC65F7E4B6F647C065F4E68B19
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent=
Frame ID: 8874880D4D8A76D7B2C28711D413FF20
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DrvZez1X1Q72Hd5&gdpr=0&gdpr_consent=
Frame ID: 86A63172AD90CC836F5E58412BBE33CB
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=97&3pid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Frame ID: 3FBE3C955BAA9EC78CD8CBB862EF9C1F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:6D58E35949B24D2789C3A33390EAEA17&gdpr=0&gdpr_consent=
Frame ID: 3153F75AFD3DDD0ACB175E7CC3239EA4
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 49DC3BB0D50219B4363B4A5C5C949D42
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 5E414884D59FA0A1A914955550C43ABC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: C3B32C1AC7DDC3B49FED4D03BB349325
Requests: 1 HTTP requests in this frame

Frame: https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=b&uid=65B55241-7913-40F1-9841-6178CE8D0BA2
Frame ID: B5399688670AF84558F423D6E541AFB4
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=65B55241-7913-40F1-9841-6178CE8D0BA2
Frame ID: C1358206459A6F015CDD1AE10277A4CF
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=65B55241-7913-40F1-9841-6178CE8D0BA2
Frame ID: D40A4F2B0925DF8C8AEB0B5577B6D5D8
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 2902B2EF43411C44710138D5BDB0F823
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.themarysue.com&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 4C1E66A7DBCD5A766BD2F42135B35602
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain
Frame ID: 9CBEA1B4C1CC6653DE0C55764D5C6012
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 502BC9359703384FB334B19920E7A9B8
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Frame ID: 4BA00FB08E93652883D8ECA73E460333
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 400CDA59E17BB5A00C8857AA73387060
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-7aebbdsga1nctBFnyOEudPyYGURARFSJurc0GDAI2Q
Frame ID: 0962AD6960265DD3949D84FF3544C0D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: B3A7F9D6D2912A0ABBC6BF392464CDFE
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: E6D5868255A626CB554B00C8B240C790
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 419381AA135A4E7EBE3AC2AB07119720
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1731213324646008949&ex=appnexus.com&gdpr=0
Frame ID: 8B1D90EAC7F01CC58EA5B41778F6734F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3981345439935967684362
Frame ID: 159816E838BBD2611EA0A44A76944C1F
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Frame ID: 73276110FE40CD1DAE08992CC26568B9
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID65B55241-7913-40F1-9841-6178CE8D0BA2
Frame ID: BCC00158C5C0EB9EF95EEB9AAEBEC85D
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: 3307C92562FDEC2D91DEFE52B65A42D6
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Frame ID: 68C6D7AD570DCBAAE10764E3560D16EC
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: EA405583D8667E555BEE37C4AD175792
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=1812271804&adf=2751417937&lmt=1686180980&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asro=0&easct=1&easppi=1&asbu=1&aseb=1&aslmt=0.4&asamt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180976662&bpp=2&bdt=15524&idt=3553&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&nras=1&correlator=7112081316901&frm=23&ife=4&pv=1&ga_vid=2003950130.1686180950&ga_sid=1686180980&ga_hid=2007351435&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3434346959&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071258%2C31071755%2C44788442%2C44794375&oid=2&pvsid=995294395710725&tmod=2071209052&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.nf5jn5knfrvd&btvi=1&fsb=1&dtd=3596
Frame ID: 4619270E6E9BABDC6B57EEB537D1CB68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&h=250&slotname=1390583964&adk=19767928&adf=776186317&pi=t.ma~as.1390583964&w=300&lmt=1686180980&format=300x250&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180976662&bpp=2&bdt=15523&idt=3562&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&prev_fmts=0x0&nras=1&correlator=7112081316901&frm=23&ife=4&pv=1&ga_vid=2003950130.1686180950&ga_sid=1686180980&ga_hid=2007351435&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=4943&biw=1600&bih=1200&isw=300&ish=250&ifk=3434346959&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071258%2C31071755%2C44788442%2C44794375&oid=2&pvsid=995294395710725&tmod=2071209052&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3hueh2c2rnx2&btvi=2&fsb=1&dtd=3609
Frame ID: 178425CBA339E48A096C20C6F3CDEA8B
Requests: 7 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: CAF0DD15724558719A1AC11437ACBE9E
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686180981146.4&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D
Frame ID: 71642613D8919126DEBCFA1B666A14CC
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686180981146.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D
Frame ID: 119DBDDD01E12B7AEA48807ECA4B326C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93F093311D8CC3E868EA23D59E0C3ABC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E773DAB752B546A7F4D196F279A4C616
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-2.0.html
Frame ID: 4662492043FD8AD5C40AC15C5D3059EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Mary Sue - The Nexus of Pop Culture and the Uncharted Universe

Page URL History Show full URLs

  1. http://www.themarysue.com/ HTTP 301
    https://www.themarysue.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

652
Requests

64 %
HTTPS

0 %
IPv6

140
Domains

240
Subdomains

140
IPs

12
Countries

10392 kB
Transfer

19186 kB
Size

229
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.themarysue.com/ HTTP 301
    https://www.themarysue.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.iife.js
Request Chain 29
  • https://sb.scorecardresearch.com/cs/36750692/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 31
  • https://disqus.com/forums/themarysue/count.js HTTP 302
  • https://themarysue.disqus.com/count.js
Request Chain 75
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 85
  • https://sb.scorecardresearch.com/b?c1=2&c2=36750692&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1686180949890&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=36750692&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1686180949890&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9=
Request Chain 130
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZIEUXsCo8X4AACKnetcAAAAA
Request Chain 131
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=6fe3c5d1fb4f4e9ab8d0dd230f4d14f9 HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=6fe3c5d1fb4f4e9ab8d0dd230f4d14f9
Request Chain 133
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LIMCLUXN-28-LG0C
Request Chain 134
  • https://pr-bh.ybp.yahoo.com/sync/taboola/19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-NYmn8T1E2oRRXlLMTi9KTEWzgIcqseKw0IumIg--~A
Request Chain 135
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=9ed1380a50f25922e34f2a3ec8be8ae6
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGX1g0Hl42p2SgeFBKI0YCs&google_cver=1
Request Chain 138
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
Request Chain 139
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=58f19e0b-0c54-4c75-92e1-bfa769476430
Request Chain 140
  • https://ce.lijit.com/merge?pid=42&3pid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&us_privacy=1---&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&us_privacy=1---&gdpr=0&gdpr_consent=&dnr=1
Request Chain 143
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=daaff8da-6b31-46f1-b8e1-bec0601bf249
Request Chain 144
  • https://id5-sync.com/s/464/9.gif?puid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-7aebbdsga1nctBFnyOEudPyYGURARFSJurc0GDAI2Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F6%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/6/2.gif?puid=8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=58f19e0b-0c54-4c75-92e1-bfa769476430&ttl=%%TTL%% HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/4/4.gif?puid=7694876445673813675&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/3/5.gif?puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/2/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/2/6.gif?puid=1731213324646008949&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
Request Chain 145
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtaboola%26bsw_param%3D4f0664f5-7787-47d1-8469-677d4e269b7e%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=dbb997b9a0094362bdaac6a8db9530b9&ssp=taboola&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 146
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e96e9413-9031-4b8e-879c-7f81656eaa36 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e96e9413-9031-4b8e-879c-7f81656eaa36&tbid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&query=taboola_hm%3De96e9413-9031-4b8e-879c-7f81656eaa36&isDirect=0
Request Chain 149
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Request Chain 150
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4f0664f5-7787-47d1-8469-677d4e269b7e HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4f0664f5-7787-47d1-8469-677d4e269b7e&crf=1
Request Chain 152
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b76f8224-cf5f-4727-83b3-33e62a118642
Request Chain 153
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=1---&redir= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&0&&us_privacy=1---&redir= HTTP 302
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553
Request Chain 193
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=732806&iiqidtype=2&iiqpcid=41f40a14-3997-4d29-8f22-0819d7a37eca&iiqpciddate=1686180959626&tsrnd=604_1686180959628&fbp=1120628898&vrref=https%3A%2F%2Fwww.themarysue.com%2F&jsver=5.09 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=732806&iiqidtype=2&iiqpcid=41f40a14-3997-4d29-8f22-0819d7a37eca&iiqpciddate=1686180959626&tsrnd=604_1686180959628&fbp=1120628898&vrref=https%3A%2F%2Fwww.themarysue.com%2F&jsver=5.09&ckls=true&ci=NGqRdLD0mE&nc=false&trid=1235055317
Request Chain 231
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LIMCLUXN-28-LG0C&us_privacy=1---
Request Chain 237
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Request Chain 247
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=c7f087b7-6918-4e83-b578-a443672461e3 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1486637409&pcid=c7f087b7-6918-4e83-b578-a443672461e3
Request Chain 257
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e&google_hm=NGYwNjY0ZjUtNzc4Ny00N2QxLTg0NjktNjc3ZDRlMjY5Yjdl HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECurSsq2pFCJWSUIVReJuUQ&google_cver=1&ssp=sekindo&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=4f0664f5-7787-47d1-8469-677d4e269b7e HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=4f0664f5-7787-47d1-8469-677d4e269b7e
Request Chain 258
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3&gdpr_consent=null&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=417208643&pcid=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3
Request Chain 259
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZIEUcXZ2pldwTJa-8DxXoQAA%264922 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2120880633&pcid=ZIEUcXZ2pldwTJa-8DxXoQAA%264922
Request Chain 260
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=3981345439935967684362 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=3981345439935967684362
Request Chain 261
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LIMCLUXN-28-LG0C&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LIMCLUXN-28-LG0C
Request Chain 262
  • https://ups.analytics.yahoo.com/ups/58627/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-QB7.BcBE2uEX7am3rJuP6ETyfNj_J3H8W218RC4-~A&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1028935272&pcid=y-QB7.BcBE2uEX7am3rJuP6ETyfNj_J3H8W218RC4-~A
Request Chain 263
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=f152f299ccb14118baf23f4547add36b HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=584182936&pcid=f152f299ccb14118baf23f4547add36b
Request Chain 264
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=648114579bd51&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3291825772889834000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=3291825772889834000V10
Request Chain 265
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=Gx0oSQZHp0TGjVC4TkWPbU8_ HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=396218182&pcid=Gx0oSQZHp0TGjVC4TkWPbU8_
Request Chain 266
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=b65d11787bb3afeb3ca4e718893b75e2&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=484859127&pcid=b65d11787bb3afeb3ca4e718893b75e2
Request Chain 267
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=4c5a15c8-a747-4af0-8260-31dd96845137 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2136778551&pcid=4c5a15c8-a747-4af0-8260-31dd96845137
Request Chain 268
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=4686802647549585227 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1881119486&pcid=4686802647549585227
Request Chain 269
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID HTTP 303
  • https://live.primis.tech/live/liveCS.php?source=external&advId=143&advUuid=7694876445673813675 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1697769766&pcid=7694876445673813675
Request Chain 270
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=%5B144%5D&advUuid=b7c7b499-4295-485e-b3a8-0341b95072ae&gdpr=0
Request Chain 290
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF HTTP 301
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
Request Chain 309
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF HTTP 301
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
Request Chain 316
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESELAlUJ45waiNuS9-Ix_UReY&google_cver=1&google_push=ATf1kGNN0WIiOmlB94CjPQaQHrZWXWlK9sscsK53KbhOTkNJmfrrnLJtkwz2KvZQZoBnpVKrx8eEkd-kSdQGzrSl8EbzYDsZQcs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGNN0WIiOmlB94CjPQaQHrZWXWlK9sscsK53KbhOTkNJmfrrnLJtkwz2KvZQZoBnpVKrx8eEkd-kSdQGzrSl8EbzYDsZQcs
Request Chain 317
  • https://fksnk.com/cs/google?google_gid=CAESEB272XXutDrvSs0C6FO3cvM&google_cver=1&google_push=ATf1kGP_wKunNtQbQKZgnnjrp1Ii9SD9L-COZLWCK-anChv3CoIBiwrhca0ogpfGFJ3FYnadVMmQxY2JR0TXWmUCzqrwfMA6cP0i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDFFMzczNjA5NDE4RjIwQw==
Request Chain 318
  • https://a.c.appier.net/gcm?google_gid=CAESEPr1Fm_LKwtbPYSo0jrBCkc&google_cver=1&google_push=ATf1kGNZgWH74ZIpioupU6XpgS-AXk9UIyOCpL_YKg3qwww5RdZL1fGBle9hR9dWzF9lHZd2XXa1sjktX2mOg4SFauLAr4r_OM95 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Y29jVTZySWZEeEt1cGRqYVloU0JaQQ%3D%3D&google_push=ATf1kGNZgWH74ZIpioupU6XpgS-AXk9UIyOCpL_YKg3qwww5RdZL1fGBle9hR9dWzF9lHZd2XXa1sjktX2mOg4SFauLAr4r_OM95
Request Chain 319
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEO3yzFF3n02ZjWSo2idFeI4&google_cver=1&google_push=ATf1kGMD2s7Ci3_zLCOA-8LDg0V7bhoT23coIjUH61g44WUHtkl7JLQ2VOtbl_yXRPbmtOXfFkZpeXPcdP8-Bj9XUz7ldYwoAS6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGMD2s7Ci3_zLCOA-8LDg0V7bhoT23coIjUH61g44WUHtkl7JLQ2VOtbl_yXRPbmtOXfFkZpeXPcdP8-Bj9XUz7ldYwoAS6g&google_hm=NTRsTmEyMDE4QkREYTAwN0xLRTk
Request Chain 320
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBHIINvHO9AnzZeU0crr7Ig&google_cver=1&google_push=ATf1kGObytt7kYVCgJ_ZKOqZdrq6BMez8Q_bQyvOa5W6LHhll5uqv0ygVDrXmXm14Rjfmud21N0pRhnF0RUbICb1uM8Kkbn1GeL5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=a07f2109&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGObytt7kYVCgJ_ZKOqZdrq6BMez8Q_bQyvOa5W6LHhll5uqv0ygVDrXmXm14Rjfmud21N0pRhnF0RUbICb1uM8Kkbn1GeL5
Request Chain 321
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENXdxPzCxEmnRscx6iN342A&google_cver=1&google_push=ATf1kGPJ9-HBDsMi5-vBQ-m01zsW497N4P9tEoI8-d20vQ6iD4wMKsQXTKRngh5LnofjMMFGl7BoowLS8HH9bgJN_-B6ezK1LCiB4A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NjRkY2ZmOWMtZDE2MS00YzdiLWExMTctZjI1ZjU5ZDlkOWY0&google_push=ATf1kGPJ9-HBDsMi5-vBQ-m01zsW497N4P9tEoI8-d20vQ6iD4wMKsQXTKRngh5LnofjMMFGl7BoowLS8HH9bgJN_-B6ezK1LCiB4A HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 322
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMNbr_ECRFQe57mE9Gt1H5c&google_cver=1&google_push=ATf1kGP3lr_14O9l-pfpqE9g2WR_XPytJ4MNP-MPUUfFzs8FJEiD35MNi8UXGqMnLhsWC0jZBJUp8dJ_K0G87thT1MHHWiypHtn8Hw HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMNbr_ECRFQe57mE9Gt1H5c&google_cver=1&google_push=ATf1kGP3lr_14O9l-pfpqE9g2WR_XPytJ4MNP-MPUUfFzs8FJEiD35MNi8UXGqMnLhsWC0jZBJUp8dJ_K0G87thT1MHHWiypHtn8Hw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&%%GOOGLE_PUSH_PAIR%%
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGTGXpJ8yOUfUbjFIJOz5Sk&google_cver=1&google_push=ATf1kGNoGJlCnNOr967a7uB78IIfm8I7AXHhAYk9Oxp8CpFoGBTFSOq8g8sqsmRxEZurf6121gTyfXfFPgOqAKwSUTn-U1gwrXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNoGJlCnNOr967a7uB78IIfm8I7AXHhAYk9Oxp8CpFoGBTFSOq8g8sqsmRxEZurf6121gTyfXfFPgOqAKwSUTn-U1gwrXg
Request Chain 325
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGRkhBStl8fYlirpNbr9efw&google_cver=1&google_push=ATf1kGNI98QuXyehU3qW5bWCzzmKRKU-8ldYCThN7rkDznvUvozAccAbN6yezJHR4kkSdGDugfxGx1ddvIOFXcVfrZcAMLU5xqCY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNI98QuXyehU3qW5bWCzzmKRKU-8ldYCThN7rkDznvUvozAccAbN6yezJHR4kkSdGDugfxGx1ddvIOFXcVfrZcAMLU5xqCY&google_hm=eS1VbUtVam10RTJwR21zd1RtcGtsaVRkWlRSb015cEJoan5B
Request Chain 326
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEMo1s1RUvZsa-7sqVyedQ9g&google_cver=1&google_push=ATf1kGNMbYL7nX5HeuAKmz9cGPDg3ImROaiIHgTxMxs6QXY_Y2ind0NWxGx-CzSiXdlbzjdeRObRuWWY6ZZNmfDT-g_DttcSLEAI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM4NzE2ODg2NTE&google_push=ATf1kGNMbYL7nX5HeuAKmz9cGPDg3ImROaiIHgTxMxs6QXY_Y2ind0NWxGx-CzSiXdlbzjdeRObRuWWY6ZZNmfDT-g_DttcSLEAI
Request Chain 327
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEA62_OG8TPskrXxCRRgJ5PM&google_cver=1&google_push=ATf1kGOtR-KPQcAmxAXAj1zOUGS54oiShoBwhiYipePhCAF9hiCJvAsOIswfmP_tOdmsK-h-WYJPduXuzV3ofG7ZWvgiwMuNnn6e HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEA62_OG8TPskrXxCRRgJ5PM&google_cver=1&google_push=ATf1kGOtR-KPQcAmxAXAj1zOUGS54oiShoBwhiYipePhCAF9hiCJvAsOIswfmP_tOdmsK-h-WYJPduXuzV3ofG7ZWvgiwMuNnn6e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ATf1kGOtR-KPQcAmxAXAj1zOUGS54oiShoBwhiYipePhCAF9hiCJvAsOIswfmP_tOdmsK-h-WYJPduXuzV3ofG7ZWvgiwMuNnn6e&google_hm=TwZk9XeHR9GEaWd9Tiabfg==
Request Chain 328
  • https://rtb.openx.net/sync/dds?google_gid=CAESEHVwE7bQCHb5xLY2elWrmMY&google_cver=1&google_push=ATf1kGOjdsacsC_hydKtX2q-iJBue2MaC8YQMZWxk1lShu3oa4bJz1oxCEQ2L2pGOYLtNCTznFTHGl4mKTtlwp2i0VmEn8e4PURv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGOjdsacsC_hydKtX2q-iJBue2MaC8YQMZWxk1lShu3oa4bJz1oxCEQ2L2pGOYLtNCTznFTHGl4mKTtlwp2i0VmEn8e4PURv&google_hm=7wPrO4zYz14XaX7XWHUYTA==
Request Chain 329
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBHIINvHO9AnzZeU0crr7Ig&google_cver=1&google_push=ATf1kGNpNbvDfId0ZKZguH0GX8CddD32BiEusgc8VuuhaZgg7_tT8qoFFZAGFrriHd9KO2Y544wfX_CKyseK52b8BXLnoLF4ScMz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=221b0855&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGNpNbvDfId0ZKZguH0GX8CddD32BiEusgc8VuuhaZgg7_tT8qoFFZAGFrriHd9KO2Y544wfX_CKyseK52b8BXLnoLF4ScMz
Request Chain 330
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMNbr_ECRFQe57mE9Gt1H5c&google_cver=1&google_push=ATf1kGPjxXqcvrI1UxdiySuHy3JCFg98OfjeEh4D2CMYR9GBO4ScSG-jtyf9HqBvSRFpDqtWF21e9jbAvGkYkSiZZLGJHPpPYdeldw HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMNbr_ECRFQe57mE9Gt1H5c&google_cver=1&google_push=ATf1kGPjxXqcvrI1UxdiySuHy3JCFg98OfjeEh4D2CMYR9GBO4ScSG-jtyf9HqBvSRFpDqtWF21e9jbAvGkYkSiZZLGJHPpPYdeldw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&%%GOOGLE_PUSH_PAIR%%
Request Chain 333
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7398971242702350507&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 334
  • https://match.adsrvr.org/track/cmf/openx?oxid=30556107-255e-7670-f11d-32608b6c22f6&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=30556107-255e-7670-f11d-32608b6c22f6&gdpr=0&gdpr_consent=
Request Chain 335
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZIEUXsCo8X4AACKnetcAAAAA
Request Chain 336
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeftSTT4Xl5Pks8AD7MOn2lKHM8AAAGImDekKA
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJCwEWvCZmM-XcBLTPNiT6M&google_cver=1
Request Chain 341
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3haKaqqnn7qBvSfBmBEa&gdpr=&gdpr_consent=&us_privacy=1---
Request Chain 359
  • https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Request Chain 365
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=themediagrid&bsw_custom_parameter=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=3f87d1aa-e052-3f98-a62a-0e995c0a4a83&ssp=themediagrid&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e
Request Chain 366
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1731213324646008949
Request Chain 370
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=7wPrO4zYz14XaX7XWHUYTA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 372
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=8aa96481-1462-4400-8d93-3f57fee2e878
Request Chain 373
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=0&gdpr_consent=
Request Chain 374
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1976306192160214603
Request Chain 375
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZIEUZAAQCTiUGABL
Request Chain 376
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1731213324646008949&gdpr=0&gdpr_consent=
Request Chain 377
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dXFIYnJxRmduc0U3IiNdanQnFTduJxUxdyd-efm_
Request Chain 379
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=10cwc1q2awmq
Request Chain 380
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
Request Chain 381
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2bebe3db9cfd47a8ac2b8aa57dfbc642
Request Chain 383
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1btffw02l5x9
Request Chain 385
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cocU6rIfDxKupdjaYhSBZA
Request Chain 387
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=11bd5a78-058c-11ee-88ea-707b7631d09d
Request Chain 388
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 391
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 392
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=65B55241-7913-40F1-9841-6178CE8D0BA2 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1402230080&pcid=65B55241-7913-40F1-9841-6178CE8D0BA2
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZbVSQXkTQPGYQWF4zo0Log%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 394
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=65B55241-7913-40F1-9841-6178CE8D0BA2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=65B55241-7913-40F1-9841-6178CE8D0BA2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
Request Chain 395
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent=&ct=y
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjVCNTUyNDEtNzkxMy00MEYxLTk4NDEtNjE3OENFOEQwQkEy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJR5m0TcmJTjhhmbbbWS22M&google_cver=1
Request Chain 399
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:6D58E35949B24D2789C3A33390EAEA17
Request Chain 400
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=
Request Chain 402
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=712bd63c-cb28-4d7d-ad31-63c1faf80437&expires=1&user_group=5&ssp=pubmatic&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 403
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=65B55241-7913-40F1-9841-6178CE8D0BA2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hBsZ5apE2uW6QcMG1SrokfRXfEDGq7E-~A&gdpr=0
Request Chain 404
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7694876445673813675
Request Chain 405
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7398971242702350507&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 406
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1ec747a0fe53209c&is_secure=true&networkId=17100&version=1&nuid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRmaAg88z8gNT5AVIAAAAAAA&expiration=1686267367&nuid=65B55241-7913-40F1-9841-6178CE8D0BA2&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 407
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1731213324646008949
Request Chain 410
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=58f19e0b-0c54-4c75-92e1-bfa769476430&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 411
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk4MTM0NTQzOTkzNTk2NzY4NDM2Mg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 412
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMpRYQgpbe52BHSlDJuOtIw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 413
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk4MTM0NTQzOTkzNTk2NzY4NDM2Mg%3D%3D
Request Chain 414
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3981345439935967684362&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3981345439935967684362&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Request Chain 415
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3981345439935967684362&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a31de76f-be4b-49d5-bbc9-fdbcaeb58eb3&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=4f0664f5-7787-47d1-8469-677d4e269b7e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 417
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3981345439935967684362?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ynSJ6WRE2oRs2s_FLrqKUzo4_KV94raYwHIAJtr6mw--~A&dongle=0883
Request Chain 418
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=TEgykCnCr3EAGYbxX1zk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KRCWO6LLINXEG4RTIVAUOWLCPBMDC6TL&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KRCWO6LLINXEG4RTIVAUOWLCPBMDC6TL HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=TEgykCnCr3EAGYbxX1zk
Request Chain 419
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1731213324646008949&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 425
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=1731213324646008949&pn_id=an
Request Chain 426
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1686180964980 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2329209091 HTTP 302
  • https://sync.1rx.io/usersync/turn/7398971242702350507?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Request Chain 427
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3haKaqqnn7qBvSfBmBEa HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
Request Chain 428
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3haKaqqnn7qBvSfBmBEa HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=58f19e0b-0c54-4c75-92e1-bfa769476430
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDvLVLenCEaIvygX6csP0s4&google_cver=1
Request Chain 430
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3DRX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004 HTTP 302
  • https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Request Chain 431
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMCLUXN-28-LG0C&gdpr=0&us_privacy=1---
Request Chain 432
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/J5EJkw7dBIOOrOKRDbx5ZMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ScVtcJ1E2oLl8wUuFX0YYU2onaWweZoqu9KGaw--~A
Request Chain 433
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=&expires=30
Request Chain 434
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MCb9UQY_RaSw9bm4gumMEg&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MCb9UQY_RaSw9bm4gumMEg&gdpr=0
Request Chain 435
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMyY2IxYmZlY2VlNjIwOTZiZWFmOGMyZWUwMzkwZGJjNjZkZTE0OQ&gdpr=0&us_privacy=1---
Request Chain 436
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VRVIi6jURSWIiue_tLpH6w&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VRVIi6jURSWIiue_tLpH6w&gdpr=0
Request Chain 437
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFs4VAJzlo2Y4PTm4_Ee64w&google_cver=1
Request Chain 438
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElNQ0xVWE4tMjgtTEcwQw==&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEAd03RJwXWR48iqMJIrg0eM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNQ0xVWE4tMjgtTEcwQw==&google_push=&gdpr=0
Request Chain 449
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 301
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Request Chain 456
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99&gdpr=&gdpr_consent=&redir= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553%26partner_url%3Dhttps%253A%252F%252Fs2s.t13.io%252Fsetuid%253Fbidder%253Dbasis%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553&partner_url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553 HTTP 302
  • https://s2s.t13.io/setuid?bidder=basis&gdpr=0&gdpr_consent=&us_privacy=&uid=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553
Request Chain 458
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DrvZez1X1Q72Hd5&gdpr=0&gdpr_consent=
Request Chain 459
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8594266546 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/58f19e0b-0c54-4c75-92e1-bfa769476430 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Request Chain 460
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:6D58E35949B24D2789C3A33390EAEA17&gdpr=0&gdpr_consent=
Request Chain 461
  • https://idsync.rlcdn.com/420486.gif?partner_uid=65B55241-7913-40F1-9841-6178CE8D0BA2 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDY1QjU1MjQxLTc5MTMtNDBGMS05ODQxLTYxNzhDRThEMEJBMhAAGg0I56iEpAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=cb3ae32dc2a6e45de8e9fc37c347abc8b938b8ee11d012b070e3bfbf8576429b791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjYjNhZTMyZGMyYTZlNDVkZThlOWZjMzdjMzQ3YWJjOGI5MzhiOGVlMTFkMDEyYjA3MGUzYmZiZjg1NzY0MjliNzkxNDI2YjU0MTdkY2UyMRAAGgwI6KiEpAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBjYjNhZTMyZGMyYTZlNDVkZThlOWZjMzdjMzQ3YWJjOGI5MzhiOGVlMTFkMDEyYjA3MGUzYmZiZjg1NzY0MjliNzkxNDI2YjU0MTdkY2UyMRAAGgwI6KiEpAYSBAgCEABCAEoA&google_gid=CAESELGwV9Q3H8A4LnxFV70Mt68&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=eaf3497a-e89b-4704-bcd2-9e1feb432b91
Request Chain 464
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AANsPk7JAikAACFAbFObtA&gdpr=0
Request Chain 465
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1506031410 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/58f19e0b-0c54-4c75-92e1-bfa769476430 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Request Chain 466
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LIMCLUXN-28-LG0C&gdpr=0
Request Chain 467
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=
Request Chain 468
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LIMCLUXN-28-LG0C&gdpr=0
Request Chain 469
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=1731213324646008949&gdpr=0&gdpr_consent=
Request Chain 476
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=uPD9hfEq1Q72He5
Request Chain 477
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIEUZAAQCTiUGABL
Request Chain 479
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=54lNa2018BDDa007LKE9
Request Chain 507
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=4f0664f5-7787-47d1-8469-677d4e269b7e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=4f0664f5-7787-47d1-8469-677d4e269b7e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9eef2c2f-4801-45e2-8444-5fa52f09b984&user_group=1&ssp=openx&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 509
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=2c879f5fa215228d&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALenmBkdIgyQM2WdfIAAAAAAA&expiration=1686267376&nuid={OX_USER_ID}&is_secure=true
Request Chain 511
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=6D58E35949B24D2789C3A33390EAEA17
Request Chain 530
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4f0664f5-7787-47d1-8469-677d4e269b7e
Request Chain 531
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0 HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3&gdpr=0
Request Chain 532
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3291825772889834000V10
Request Chain 533
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AANsPk7JAikAACFAbFObtA&ex=beeswax.com
Request Chain 534
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=TEgykCnCr3EAGYbxX1zk&gdpr=0
Request Chain 537
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0 HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-7aebbdsga1nctBFnyOEudPyYGURARFSJurc0GDAI2Q
Request Chain 541
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1731213324646008949&ex=appnexus.com&gdpr=0
Request Chain 542
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3981345439935967684362
Request Chain 551
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qdljka7ZbZSy227E_ot2maiPPsSyjz7Cq496QeCt
Request Chain 552
  • https://j.mrpdata.net/c.html?ex=OpenX HTTP 302
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Request Chain 553
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553&gdpr=0&gdpr_consent=
Request Chain 554
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3
Request Chain 557
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Request Chain 560
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D65B55241-7913-40F1-9841-6178CE8D0BA2 HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=65B55241-7913-40F1-9841-6178CE8D0BA2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=65B55241-7913-40F1-9841-6178CE8D0BA2 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%252C%252C
Request Chain 561
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=1731213324646008949
Request Chain 562
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://router.infolinks.com/dyn/ox-usync?uid=1bc24396-368a-41fc-b0d2-059273cb8763
Request Chain 563
  • https://ups.analytics.yahoo.com/ups/58786/sync?redir=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-5E6Z5QFE2uJ8fgp3lT3BVNBO7X22uRcV~A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3399&partner_device_id=y-5E6Z5QFE2uJ8fgp3lT3BVNBO7X22uRcV~A HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1731213324646008949&pt=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
Request Chain 564
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=4616120629 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-fS.HTM9E2oUz8kQGXx6D3zgGDEuHaJ0JOGAr~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-fS.HTM9E2oUz8kQGXx6D3zgGDEuHaJ0JOGAr~A HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Request Chain 565
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=TEgykCnCr3EAGYbxX1zk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHVKEKZ3ZNNBW4Q3SGNCUCR2ZMJ4FQML2NM HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHVKEKZ3ZNNBW4Q3SGNCUCR2ZMJ4FQML2NM
Request Chain 566
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/tplift?uid=3981345439935967684362
Request Chain 567
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP 302
  • https://router.infolinks.com/dyn/sonobi-usync?uid=5529cc7d-5ff6-4d00-a899-0335194408dd
Request Chain 568
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
Request Chain 569
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-Bxua.GpE2uHPtv00oSAIEz4YrFVnGH6k~A
Request Chain 570
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=Gx0oSQZHp0TGjVC4TkWPbU8_
Request Chain 571
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D65B55241-7913-40F1-9841-6178CE8D0BA2
Request Chain 579
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LIMCLUXN-28-LG0C HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LIMCLUXN-28-LG0C&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 589
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIEUcXZ2pldwTJa_8DxXoQAAEzoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELlKjCT5s5f270wFplWqQ5I&google_cver=1
Request Chain 590
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=58f19e0b-0c54-4c75-92e1-bfa769476430&expiration=1688772980&gdpr=0&gdpr_consent=
Request Chain 591
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIEUcXZ2pldwTJa-8DxXoQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBnvFWKZpg_cyJK7qCgZn1o&google_cver=1
Request Chain 593
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4686802647549585227&gdpr=0&gdpr_consent=
Request Chain 594
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1731213324646008949
Request Chain 595
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://stags.bluekai.com/site/23178?id=TEgykCnCr3EAGYbxX1zk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2VCFM54WWQ3OINZDGRKBI5MWE6CYGF5GW HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2VCFM54WWQ3OINZDGRKBI5MWE6CYGF5GW
Request Chain 596
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=R1GtikBRo49cU6DfEAO4gkYH8N9cB_DZRQfLtdr2
Request Chain 602
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D65B55241-7913-40F1-9841-6178CE8D0BA2%26gdpr%3D-1%26gdpr_consent%3D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=-1&gdpr_consent=
Request Chain 604
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=5e60c907cdf22075&is_secure=true&networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAALh_mWA5xfjwNDlfnHAAAAAAA&expiration=1686267381&is_secure=true
Request Chain 605
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=&gdpr_consent=
Request Chain 607
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=58f19e0b-0c54-4c75-92e1-bfa769476430&expiration=1688772981&gdpr=0&gdpr_consent=
Request Chain 608
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIEUcXZ2pldwTJa_8DxXoQAAEzoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELlKjCT5s5f270wFplWqQ5I&google_cver=1
Request Chain 610
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIEUcXZ2pldwTJa-8DxXoQAA
Request Chain 611
  • https://dynalyst-sync.adtdp.com/cookie/sync?pid=43 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYiYN6KtCF9aiN1fMnU
Request Chain 613
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=81b19d05-6cb8-7530-6a394c70
Request Chain 614
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7398971242702350507
Request Chain 618
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=1&gdpr_consent=
Request Chain 622
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiJg36vRMXvavdLfMJKKaaiz6DS72ii9cNw
Request Chain 624
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 625
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vXKx5dNkIMXrl9paM3JdxbfpkUXaUoz_MilNevHi1G8
Request Chain 627
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIc_fLkkBieaHAbGKCfWla0&google_cver=1
Request Chain 642
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=58f19e0b-0c54-4c75-92e1-bfa769476430&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=4f0664f5-7787-47d1-8469-677d4e269b7e
Request Chain 644
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553

652 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.themarysue.com/
Redirect Chain
  • http://www.themarysue.com/
  • https://www.themarysue.com/
121 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordPress VIP <https://wpvip.com>
Resource Hash
4db089451cb586a8152e12c08d577bd6c96f8b96332aafe0f2416099ad584147

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
7d3cb691caa2dfb5-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Jun 2023 23:35:44 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.themarysue.com/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding
x-cache
miss
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
syd4 123 243 443

Redirect headers

CF-RAY
7d3cb68c9b97a7f5-SYD
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 07 Jun 2023 23:35:42 GMT
Expires
Thu, 08 Jun 2023 00:35:42 GMT
Location
https://www.themarysue.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
crit-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		47 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/crit-main.min.css?2304060456
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ac5b7c82a6dcbc2a4f0865a3040cf46ae6140ebbdcce9f803276f371e3fd6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
x-rq
yyz2 123 243 443
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 04:56:22 GMT
server
cloudflare
age
1320237
etag
W/"642e50f6-ba53"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7d3cb6967fdfdfb5-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 06 Jun 2024 23:35:44 GMT
def-main.min.css
www.themarysue.com/wp-content/themes/m2019-tms/css/min/ 		290 B
371 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/css/min/def-main.min.css?2303092327
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
x-rq
yyz2 123 243 443
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 22:32:08 GMT
server
cloudflare
age
1346106
etag
W/"63f54668-122"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7d3cb6967fe0dfb5-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 06 Jun 2024 23:35:44 GMT
style-index.css
www.themarysue.com/wp-content/plugins/gamurs-gutenberg-blocks/build/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/plugins/gamurs-gutenberg-blocks/build/style-index.css?m=1680756982g
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
content-encoding
br
cf-cache-status
HIT
age
94505
cf-polished
origSize=5733
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-rq
yyz2 123 243 443
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 04:56:22 GMT
server
cloudflare
etag
W/"642e50f6-1665"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7d3cb6967fe1dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:44 GMT
/
www.themarysue.com/_static/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGppZmJibmVgYGwEARP0u7A==
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
content-encoding
br
cf-cache-status
HIT
age
1313533
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-rq
yyz2 123 243 443
last-modified
Mon, 22 May 2023 14:13:52 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
public, max-age=31536000
cf-apo-via
tcache
cf-ray
7d3cb6967fe2dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:44 GMT
/
www.themarysue.com/_static/ 		435 B
359 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/_static/??/wp-content/mu-plugins/search/elasticpress-next/dist/css/related-posts-block-styles.min.css,/wp-includes/css/classic-themes.min.css?m=1685979298
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52f66a7aa63b5c67524ffb9825091c5393756d74f0dda85f9f3005e07d22b40

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
content-encoding
br
cf-cache-status
HIT
age
19567
cf-polished
origSize=438
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-rq
yyz2 123 243 443
last-modified
Fri, 02 Jun 2023 16:18:22 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
public, max-age=31536000
cf-apo-via
tcache
cf-ray
7d3cb6967fe3dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:44 GMT
/
www.themarysue.com/_static/ 		98 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/_static/??/wp-content/plugins/pmpro-mailchimp/css/pmpromc.css,/wp-content/mu-plugins/jetpack-12.0/css/jetpack.css?m=1686170054
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f0269de5946fa220a87399a38d303442780c041af4edde7d87185a8b6cb630

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
content-encoding
br
cf-cache-status
HIT
age
9325
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-rq
yyz2 123 242 443
last-modified
Wed, 07 Jun 2023 20:34:14 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
public, max-age=31536000
cf-apo-via
tcache
cf-ray
7d3cb6967fe7dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:44 GMT
/
www.themarysue.com/_static/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZhYm5mYmFsWEWAK+8Iig=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7374a169b675ad5c3ac6167edda9c8fe05fe5315b6728815db2f091cc7712af6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
content-encoding
br
cf-cache-status
HIT
age
1389697
cf-polished
origSize=100912
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-rq
yyz2 123 243 443
last-modified
Mon, 22 May 2023 14:13:47 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-apo-via
tcache
cf-ray
7d3cb6967fe9dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:44 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.121.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-121-109.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 01:32:03 GMT
content-encoding
gzip
via
1.1 5e691cfa2d6a5d86455e38cf854d7efa.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
HKG62-C1
age
79423
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ViTyQWuLvYycQRLGkB_iXwVNMk_aM5UfNIUI4jmpOOdJSITPlayvOA==
expires
Thu, 08 Jun 2023 01:32:03 GMT
snippet.min.js
geniuslinkcdn.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geniuslinkcdn.com/snippet.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.180.203.10 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
haproxyfe1.production.nrt.vultr.georiot.com
Software
nginx /
Resource Hash
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
content-encoding
gzip
ratelimit-reset
1686181006
transfer-encoding
chunked
ratelimit-limit
15
last-modified
Tue, 29 Nov 2022 19:24:18 GMT
server
nginx
ratelimit-observed
0
etag
W/"63865c62-1614"
ratelimit-resettime
Wed, 07 Jun 2023 23:36:46 GMT
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-max-age
1728000
ratelimit-remaining
15
expires
Thu, 08 Jun 2023 23:35:46 GMT
min.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/min.js?2303092327
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
content-encoding
br
cf-cache-status
HIT
age
94505
cf-polished
origSize=13019
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-rq
yyz2 123 242 443
cf-bgj
minify
last-modified
Tue, 21 Feb 2023 22:32:08 GMT
server
cloudflare
etag
W/"63f54668-32db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7d3cb6967febdfb5-SYD
expires
Thu, 06 Jun 2024 23:35:44 GMT
flying-focus.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/flying-focus.js?2303092327
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:45 GMT
content-encoding
br
cf-cache-status
HIT
age
94506
cf-polished
origSize=3787
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-rq
yyz2 123 243 443
cf-bgj
minify
last-modified
Tue, 21 Feb 2023 22:32:08 GMT
server
cloudflare
etag
W/"63f54668-ecb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7d3cb69d2fa2dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
eadd2bf84cd263e2da1a3f5bd9fa49476a3c2ddeb44f33efed99b9a1ec637e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47329
x-xss-protection
0
server
cafe
etag
17928115916119603603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:35:46 GMT
js
www.googletagmanager.com/gtag/ 		123 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.204.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ti-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
82f7144c37ea35a887898f157dcbde8856402ff29f7aa9046e1bc0065dfdf9c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48480
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Jun 2023 23:35:46 GMT
ads-prebid-banner-proper-outbrain.js
www.themarysue.com/wp-content/themes/m2019-tms/js/ 		25 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/js/ads-prebid-banner-proper-outbrain.js?2303092327
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
cf-cache-status
HIT
age
1346105
cf-polished
origSize=27
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
25
x-rq
yyz2 123 243 443
cf-bgj
minify
last-modified
Tue, 21 Feb 2023 22:32:08 GMT
server
cloudflare
etag
"63f54668-1b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6968ff3dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:44 GMT
cls.css
a.pub.network/themarysue-com/ 		513 B
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/themarysue-com/cls.css
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f59e88800776de514430fd9e95b369fff9497bf6d2bcb9382e4f6604ecbc66da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:45 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
ADPycdtMNQ4-K2TwoD018vwOB4qj9DrxF4axkHvejSkgL9WnToPwZnIWlKKj5ykTnMJ2iembgG10zZfrZcKkXoqn6bA14nafVx9H
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 05 Jun 2023 14:43:49 GMT
server
cloudflare
etag
W/"7bd50d69f2e14564556e26af3b00755e"
vary
Accept-Encoding
x-goog-hash
crc32c=7GwvEA==, md5=e9UNafLhRWRVbiavOwB1Xg==
x-goog-generation
1684352124797596
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
513
cf-ray
7d3cb69a9c84a819-SYD
expires
Thu, 08 Jun 2023 00:05:45 GMT
pubfig.min.js
a.pub.network/themarysue-com/ 		103 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/themarysue-com/pubfig.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29b67c2fda447efc481e7301f92f8a98281d599453b5ece43081d2dbef0586a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
104982
x-guploader-uploadid
ADPycdt3fxL7H7GHM9cGwvcn6dTZJqIGi4RuHuW3QbA3120WRVF0cX-eLdAeILbO27BvPS9D6lubhObSOBxbkfmbDzP5nadNRUkg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 05 Jun 2023 14:43:48 GMT
server
cloudflare
etag
W/"66336858203cb0d0fef1634eda734e73"
vary
Accept-Encoding
x-goog-hash
crc32c=S8c9og==, md5=ZjNoWCA8sND+8WNO2nNOcw==
x-goog-generation
1685976228682464
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
105868
cf-ray
7d3cb69d2f1fa819-SYD
expires
Thu, 08 Jun 2023 00:05:45 GMT
Angourie-Rice-Rachel-Groggins-Black-Mirror.jpg
www.themarysue.com/wp-content/uploads/2023/06/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/06/Angourie-Rice-Rachel-Groggins-Black-Mirror.jpg?resize=768%2C432
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b471af61c17904e86fb5b9441dd07dc8b8e52b506347b1ac8ead354f00d7880c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:45 GMT
cf-cache-status
HIT
age
5051
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
47626
x-rq
yyz2 80 130 443
last-modified
Wed, 07 Jun 2023 22:06:35 GMT
server
cloudflare
etag
"f5742bac95c71a22"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb69d2fa3dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:45 GMT
2022-Midterm-Elections-voters.jpg
www.themarysue.com/wp-content/uploads/2023/06/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/06/2022-Midterm-Elections-voters.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
660513d2ed759c4f8784d2199701aaf66bf46c0a21771d9b568494914d9a11c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:45 GMT
cf-cache-status
HIT
age
20243
cf-polished
degrade=85, origSize=42193, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
26725
x-rq
yyz2 80 130 443
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 16:27:04 GMT
server
cloudflare
etag
"c190c36bda109238"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb69d6fe4dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:45 GMT
promo-gossip.jpg
www.themarysue.com/wp-content/themes/m2019-tms/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/themes/m2019-tms/images/promo-gossip.jpg?v=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae4a6284cb069a61bfb009aa344c25cfe17c0bcbfc1d393e73423ec4f9d93186

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:45 GMT
cf-cache-status
HIT
age
1784984
cf-polished
qual=85, origFmt=jpeg, origSize=3659
x-cache
HIT
content-disposition
inline; filename="promo-gossip.webp"
alt-svc
h3=":443"; ma=86400
content-length
2298
x-rq
yyz2 123 243 443
cf-bgj
imgq:85,h2pri
last-modified
Fri, 28 Apr 2023 06:49:44 GMT
server
cloudflare
etag
"644b6c88-e4b"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb69d6fe6dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:45 GMT
email-decode.min.js
www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 May 2023 15:21:01 GMT
server
cloudflare
etag
W/"6476145d-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7d3cb698daa3dfb5-SYD
expires
Fri, 09 Jun 2023 23:35:44 GMT
/
www.themarysue.com/_static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/_static/??-eJx1j1sKwkAMRTdkmlZ8/YhLEZ1GTZ3MxEkGcfdWqSCCX+Hewz0QvCuEnJySo1TQWM+cDAdyPYQrdPOmxT2ngMfKsUe9ZM9pOo1wagab4ZfjIxDykhM5aMknjgTKwWshHEamCqfyHvT/9j3brdpYi4w12MOcBLUeI4eXYwL7kGvyfxK/kBDIA2IeMx7MyA0tFFb/pdMzO9l2q82qW7ftcjE8AVWjapM=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
468cddaa841356f65c872dd19b5c49491a45dcf1298d35e0c44bd44df6309ec7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:44 GMT
content-encoding
br
cf-cache-status
HIT
age
9325
cf-polished
origSize=3652
x-cache
MISS
alt-svc
h3=":443"; ma=86400
x-rq
yyz2 123 242 443
last-modified
Wed, 07 Jun 2023 20:19:48 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-apo-via
tcache
cf-ray
7d3cb699ebeadfb5-SYD
expires
Thu, 06 Jun 2024 23:35:44 GMT
e-202323.js
stats.wp.com/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202323.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-nc
HIT syd
date
Wed, 07 Jun 2023 23:35:46 GMT
content-encoding
br
last-modified
Fri, 19 May 2023 01:52:23 GMT
server
nginx
etag
W/"6466d657-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 02 Jun 2024 15:20:36 GMT
114526X1684681.skimlinks.js
s.skimresources.com/js/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/114526X1684681.skimlinks.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
ac2bb961b3dcba3db82d4e2415b4c4dfe64b01377199544001cb422e6701fbd0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
content-encoding
gzip
last-modified
Mon, 12 Dec 2022 13:43:01 GMT
server
AmazonS3
x-amz-request-id
9GZT20ZS1RZK385B
etag
"e0140ad64bb3222eff3ce16c3305ba11"
x-hw
1686180946.cds215.se2.hn,1686180946.cds053.se2.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
19498
x-amz-id-2
RbuwB+gyHjdqmWUuCtiHhGTkm6FNHO8ihPVYL9+dGJmgwYSjCWPYJlPnBC5Dt2mHtMoWwicqWok=
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.121.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-121-109.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 01:04:16 GMT
content-encoding
gzip
via
1.1 5e691cfa2d6a5d86455e38cf854d7efa.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
HKG62-C1
age
81090
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
8va95U1xN0F9U8PcfisH0ReKh469j5Ao6PnoJ2tcu8pZbG2hmVs8fg==
expires
Thu, 08 Jun 2023 01:04:16 GMT
plow.lite.js
www.themarysue.com/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/plow.lite.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b1151607bd8d019960f0dbb936979159dae5b182012c4b5396aacf651c6bf4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
content-encoding
br
server
cloudflare
cf-ray
7d3cb6a2fde3dfb5-SYD
alt-svc
h3=":443"; ma=86400
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
web-vitals.iife.js
unpkg.com/web-vitals@3.3.2/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.iife.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e29a5aebbbc2d82b6f7d9dbbf03ced7ecaf592adf68338a02aff332b3e7bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:47 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
811290
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H1KXR58G9GM16Y4H2FPYBW8X-syd
server
cloudflare
etag
W/"1b99-+0VwSXVmoLd0uGhBB2XoSfehK74"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7d3cb6a94db9a949-SYD

Redirect headers

date
Wed, 07 Jun 2023 23:35:47 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H2C3CMR905QY10JJ2VQH2NYT-syd
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
70
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.3.2/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7d3cb6a83c55a949-SYD
gtm.js
www.googletagmanager.com/ 		230 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.204.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ti-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
488a014ce40c23d8f6dfcebefe00201822f5c61e247a6fdb20a48e9aa9c317a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79849
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 22:32:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Jun 2023 23:35:46 GMT
v2ydn9AHpxvYASYOPhzN2mhpX7JnJUNIsFRj9Z_30fv8VGuDvN2yrX58
skisofa.com/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skisofa.com/v2ydn9AHpxvYASYOPhzN2mhpX7JnJUNIsFRj9Z_30fv8VGuDvN2yrX58
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.133.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.133.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6e2748f46e001d6d5178c3e96dc924975f6e6b7b590b48e7b7103af42605bdcf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 07 Jun 2023 23:35:47 GMT
x-datacenter
gce-asia-east1
etag
"d0394fd906b9bfa4fb029d781d459c8f84ee865ac255cdb5ab8ab62edf3d8a62"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-test-zpgf
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
892946322
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2kpvGppUP3ILc7dedQy4-AqvOKUSV8xmEnAOvpavjhzL8T_vJyvU0NM5xAHXfF-GKR7fnPQY
skisofa.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skisofa.com/v2kpvGppUP3ILc7dedQy4-AqvOKUSV8xmEnAOvpavjhzL8T_vJyvU0NM5xAHXfF-GKR7fnPQY
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.133.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.133.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d252564dd4773891ad02e9a9a42cc9f2d5a13f6225bec09abc35300b4eb63849
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Wed, 07 Jun 2023 23:35:47 GMT
x-datacenter
gce-asia-east1
etag
"4ea8e7fc44ab359dd2047d6362eaac816849eee2ccd90b07a43e5b1c01b10412"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-test-zpgf
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
892946322
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/36750692/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
13.226.120.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-66.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:16:15 GMT
content-encoding
gzip
via
1.1 8423055724d780dc37ee5768e6d73374.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 10:02:11 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C1
age
1174
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
SKtTHtWJRIwE3z76KTWxI3fC9f26spvJCE6ZcgZuTCXq74cJbzuw8A==

Redirect headers

date
Wed, 07 Jun 2023 23:35:49 GMT
via
1.1 8423055724d780dc37ee5768e6d73374.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
HKG62-C1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
KA3Ym1nV6UqJsRmahnxlF3Vx9blxTESsq1pF65_z3QDn8ThFnMzxBA==
all.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
9beae38cf0d5dd2765495575ea4c8692930138336a9edf9db503c64ed1b15eb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Jun 2023 23:35:48 GMT
content-md5
eB+Rgko8Vl7dYVpeZbElSg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
t44r0FgnDqnhDWXi/+QOs3ZMzwcn4wmINvNWl+J4Vre9WM8OvFawYclzhS0Vt0dV1z/zVMUhmLQQSSs7dabVKQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
ec80324fdc430c595e8ff843099a4ef4
cross-origin-opener-policy
same-origin-allow-popups
etag
"6f50e89841a00ba003bfa35d4ca07b8e"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:39:14 GMT
count.js
themarysue.disqus.com/
Redirect Chain
  • https://disqus.com/forums/themarysue/count.js
  • https://themarysue.disqus.com/count.js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 23:35:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
129
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 07 Jun 2023 14:55:15 GMT
Server
nginx
ETag
"64809a53-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
Xe-RPmilQqgM6Ip7j2-07IaWmTtPCzuaq5fC2fRD6L_7rSccpqK4Cw==

Redirect headers

Date
Wed, 07 Jun 2023 23:35:48 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
Server
Varnish
Location
https://themarysue.disqus.com/count.js
Cache-Control
public, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
hotjar-3006819.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3006819.js?sv=6
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-17.hkg54.r.cloudfront.net
Software
/
Resource Hash
36ca3c7aa04c170cfdec60d7b33ea73c700b1d8c41f949a7f356f1053ca5f2e3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 07 Jun 2023 23:35:14 GMT
via
1.1 42cd5a36cf9ad881ea4b618b3995860a.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG54-C1
age
35
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/606b4d60cbd25dc54a661b2a8547d17b
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
EAA0DE9yLufMM-r2WiOz_iS1iG-RP5jQ3o2nE-k-ezTwEF1CNiPmpg==
count.js
themarysue.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/_static/??-eJx1j1sKwkAMRTdkmlZ8/YhLEZ1GTZ3MxEkGcfdWqSCCX+Hewz0QvCuEnJySo1TQWM+cDAdyPYQrdPOmxT2ngMfKsUe9ZM9pOo1wagab4ZfjIxDykhM5aMknjgTKwWshHEamCqfyHvT/9j3brdpYi4w12MOcBLUeI4eXYwL7kGvyfxK/kBDIA2IeMx7MyA0tFFb/pdMzO9l2q82qW7ftcjE8AVWjapM=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 23:35:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
128
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 07 Jun 2023 14:55:15 GMT
Server
nginx
ETag
"64809a53-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
Xe-RPmilQqgM6Ip7j2-07IaWmTtPCzuaq5fC2fRD6L_7rSccpqK4Cw==
pxieypY1o9NHyXh3WvSbGSggdO9_S1lDims.woff2
www.themarysue.com/fonts.gstatic.com/s/asapcondensed/v17/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.themarysue.com/fonts.gstatic.com/s/asapcondensed/v17/pxieypY1o9NHyXh3WvSbGSggdO9_S1lDims.woff2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313fd9d24cb57f0ce7025317eac48d7c8eef5d10f51946be7871222d8b31b5b1

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:45 GMT
cf-cache-status
HIT
last-modified
Tue, 02 May 2023 16:45:11 GMT
server
cloudflare
age
1317826
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
7d3cb69d4fbfdfb5-SYD
alt-svc
h3=":443"; ma=86400
content-length
21304
expires
Wed, 22 May 2024 17:31:59 GMT
init
d.pub.network/v2/ 		42 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=6000&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/themarysue-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
06b53a0a001fdccabc7ff5af0ce8aaccbdbb31b9636a1520ffc2efc30cb121c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
choice.js
cmp.quantcast.com/choice/wZt3yQfgdwnz-/themarysue.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/themarysue.com/choice.js?tag_version=V2
Requested by
Host: a.pub.network
URL: https://a.pub.network/themarysue-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e9608f86820119f4d9c3a72ac4846a2da964852e907a6d515486505b9c9f109

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:16 GMT
content-encoding
br
via
1.1 e51142b132a2a14667512e908fde99e6.cloudfront.net (CloudFront)
last-modified
Tue, 25 Apr 2023 20:54:23 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C2
age
34
x-amz-server-side-encryption
AES256
etag
W/"b2c6a0391374522e5dd37f3819003647"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
qljP-Rj01u_uxsXisV4a6D7uBu8ot4gL1CY20lh3vlUlopq9pkB4WQ==
pubfig.engine.js
a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/ 		447 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/themarysue-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28058f974e5807bfbb316a68d4e32b9d891b9a7eefdd834dd8d52f7bdbb7a261

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
105614
x-guploader-uploadid
ADPycdsy7fsQ-FX5GgtmhyibFM27qeE9Vb1qocxO5eiuEj5eFUEj-rGOcVEn3g4tQPoKzD09lpwTV8yvKDjbSXJac8NHEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 01 Jun 2023 16:50:11 GMT
server
cloudflare
etag
W/"25e8c27c0476c5103ecc21c8c8437c39"
vary
Accept-Encoding
x-goog-hash
crc32c=lqzNcA==, md5=JejCfAR2xRA+zCHIyEN8OQ==
x-goog-generation
1685638211607924
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
457287
cf-ray
7d3cb6aeeb0ca819-SYD
expires
Thu, 08 Jun 2023 00:35:48 GMT
/
r.skimresources.com/api/ 		150 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
50749f7e20f6a9c3c20081b9e0daf61c2ac73a17f3c33e4ba7ae785b8ab84e19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 07 Jun 2023 23:35:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
robots.txt
t.skimresources.com/api/v2/ Frame FF45 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8478063450306106
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:48 GMT
via
1.1 google
cache-control
private, no-store
server
Python/3.10 aiohttp/3.8.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=7.991691040226203
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Wed, 07 Jun 2023 23:35:48 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=7.991691040226203
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Wed, 07 Jun 2023 23:35:48 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=210961709&post=0&tz=-4&srv=www.themarysue.com&hp=vip&j=1%3A12.0&host=www.themarysue.com&ref=&fcp=3190&rand=0.6104929406583177
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 07 Jun 2023 23:35:49 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
tp2
spc.themarysue.com//com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com//com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 07 Jun 2023 23:35:47 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
5646011e22c4f42b06ec04eaa2377f0f
tp2
spc.themarysue.com//com.snowplowanalytics.snowplow/ 		2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.themarysue.com//com.snowplowanalytics.snowplow/tp2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/plow.lite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 07 Jun 2023 23:35:47 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.themarysue.com
x-cloud-trace-context
23250f50328865bf86bebf61f670fb00
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
blade-runner-2049.jpg
www.themarysue.com/wp-content/uploads/2022/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/12/blade-runner-2049.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1cebf3da1285ff528af1a8a6e282846bb9a7de1c5426940047558d0eab242a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
cf-cache-status
HIT
age
13421
cf-polished
degrade=85, origSize=54060, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
13881
x-rq
yyz2 80 130 443
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 19:37:15 GMT
server
cloudflare
etag
"7c2270bc967a9961"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6a48f73dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:46 GMT
Chris-Pine-Peter-Parker-Earth-1610-Spider-Man-Into-the-Spider-Verse.jpg
www.themarysue.com/wp-content/uploads/2023/06/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/06/Chris-Pine-Peter-Parker-Earth-1610-Spider-Man-Into-the-Spider-Verse.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65feb1fa0bd67920dc1030b8fb8ebff3b6680a861fde3462c37589d820f8e06a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
cf-cache-status
HIT
age
16803
cf-polished
degrade=85, origSize=91989, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
23495
x-rq
yyz2 87 95 443
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 18:38:31 GMT
server
cloudflare
etag
"48069e0e9a0ed238"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6a48f75dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:46 GMT
Laya-DeLeon-Hayes-The-Angry-Black-Girl-and-Her-Monster.jpg
www.themarysue.com/wp-content/uploads/2023/05/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/05/Laya-DeLeon-Hayes-The-Angry-Black-Girl-and-Her-Monster.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dbe17826f6d28917c939c4536dbabfd21b6ca7cfb7a23243004540318054109

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
cf-cache-status
HIT
age
13421
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
117020
x-rq
yyz2 80 130 443
last-modified
Tue, 06 Jun 2023 20:41:53 GMT
server
cloudflare
etag
"78a793adebbf8b0d"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6a48f70dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:46 GMT
little-mermaid-singing-halley-bailey.jpg
www.themarysue.com/wp-content/uploads/2023/05/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/05/little-mermaid-singing-halley-bailey.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b69b365cced8c4dd0064d7a47c1bee3829c55614b85835e2fbd49772961b34e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:46 GMT
cf-cache-status
HIT
age
16803
cf-polished
degrade=85, origSize=19626, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
11112
x-rq
yyz2 86 167 443
cf-bgj
imgq:85,h2pri
last-modified
Tue, 30 May 2023 15:22:27 GMT
server
cloudflare
etag
"9b7be5d24993dfc6"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6a48f6fdfb5-SYD
expires
Thu, 06 Jun 2024 23:35:46 GMT
Shameik-Moore-Miles-Morales-Spider-Variants-Spider-Man-Across-the-Spider-Verse.jpg
www.themarysue.com/wp-content/uploads/2023/04/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/04/Shameik-Moore-Miles-Morales-Spider-Variants-Spider-Man-Across-the-Spider-Verse.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb44e64160dab670f43ea06ca5a521b1311d3e54c1ec0fb61e147e9baf68959

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
cf-cache-status
HIT
age
1784826
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
31968
x-rq
yyz2 87 203 443
last-modified
Thu, 18 May 2023 02:21:56 GMT
server
cloudflare
etag
"33cba496e2cbd007"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6b528aedfb5-SYD
expires
Thu, 06 Jun 2024 23:35:49 GMT
Beginners.jpeg
www.themarysue.com/wp-content/uploads/2023/06/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/06/Beginners.jpeg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a3c485c4e77adc192070ea1e25042764c787a37bb96d9f7c6a467046378a950

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
cf-cache-status
HIT
age
1242
cf-polished
degrade=85, origSize=21420, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
19523
x-rq
yyz2 80 86 443
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 22:57:25 GMT
server
cloudflare
etag
"d4befc9348d211ab"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6b558ebdfb5-SYD
expires
Thu, 06 Jun 2024 23:35:49 GMT
Bryan-Singer.jpg
www.themarysue.com/wp-content/uploads/2023/06/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/06/Bryan-Singer.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f6577983f9f14ced8a2a6c5cf8451a12e5038052bbae04915e7d28287e8a8b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
cf-cache-status
HIT
age
1242
cf-polished
degrade=85, origSize=51635, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
8913
x-rq
yyz2 80 86 443
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 22:56:38 GMT
server
cloudflare
etag
"9fa01b2e73f7eaf6"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6b5d9a7dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:49 GMT
SpiderverseBagel.jpg
www.themarysue.com/wp-content/uploads/2023/06/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/06/SpiderverseBagel.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd4e2f238bf99930a6caf266392f615313332e104cc8aad0d5b1d9cda67c625

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
cf-cache-status
HIT
age
1242
cf-polished
origSize=14925, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
14690
x-rq
yyz2 86 167 443
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 22:49:40 GMT
server
cloudflare
etag
"bdb543e45df22b49"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6b5e9bcdfb5-SYD
expires
Thu, 06 Jun 2024 23:35:49 GMT
Nikki-Haley-CNN-town-hall.jpg
www.themarysue.com/wp-content/uploads/2023/06/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/06/Nikki-Haley-CNN-town-hall.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fb7414684938ff8c8651cbf9d992a611eeb5c4375ea7ae85249f6154a1b3f6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
cf-cache-status
HIT
age
1242
cf-polished
degrade=85, origSize=51169, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
17649
x-rq
yyz2 80 86 443
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 22:40:20 GMT
server
cloudflare
etag
"c7602528b604f434"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6b5e9bedfb5-SYD
expires
Thu, 06 Jun 2024 23:35:49 GMT
Transgender-Rights-Protest.jpg
www.themarysue.com/wp-content/uploads/2023/06/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/06/Transgender-Rights-Protest.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1056a5fff8f946f9bee4b3a6fc74b97bf16efea6918ec5519284f21c34742407

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
cf-cache-status
HIT
age
1242
cf-polished
degrade=85, origSize=78199, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
28528
x-rq
yyz2 80 86 443
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 22:39:18 GMT
server
cloudflare
etag
"174b59d94e935e13"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6b5e9c0dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:49 GMT
five-centimeters-per-second-.jpeg
www.themarysue.com/wp-content/uploads/2023/05/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/05/five-centimeters-per-second-.jpeg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb062af82452b05dcb696e09379e176b87ae3e4bcf46191ffbcdf6638d131ca9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
cf-cache-status
HIT
age
13424
cf-polished
degrade=85, origSize=47119, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
18401
x-rq
yyz2 87 107 443
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 19:27:13 GMT
server
cloudflare
etag
"1ec163d00bc1d8e4"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6b71ad6dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:49 GMT
vanderpump-rules-copy.jpg
www.themarysue.com/wp-content/uploads/2023/06/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/06/vanderpump-rules-copy.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1058a0345413e10b5cf8d9e67ec1e49b20fe8fffa1069c57923680c390f39c8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
cf-cache-status
HIT
age
16806
cf-polished
degrade=85, origSize=38706, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
25093
x-rq
yyz2 86 215 443
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Jun 2023 18:12:02 GMT
server
cloudflare
etag
"547345e5d870adc0"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6b73b00dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:49 GMT
donald-trump-rally.jpg
www.themarysue.com/wp-content/uploads/2023/06/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2023/06/donald-trump-rally.jpg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db32246ca38d6c5a7597f3814cca49f36314dbd59f8d76e0faa0e705765b164

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
cf-cache-status
HIT
age
20247
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
23234
x-rq
yyz2 87 95 443
last-modified
Wed, 07 Jun 2023 17:29:55 GMT
server
cloudflare
etag
"41955f9c95f0138f"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6b74b0ddfb5-SYD
expires
Thu, 06 Jun 2024 23:35:49 GMT
good-omens-2-e1665284453997.jpeg
www.themarysue.com/wp-content/uploads/2022/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.themarysue.com/wp-content/uploads/2022/10/good-omens-2-e1665284453997.jpeg?resize=432%2C243
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e69b9024342fbbf28e39a8c5c782e23afe56fbf52ed7cead677f115cb09d03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
cf-cache-status
HIT
age
20247
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
15582
x-rq
yyz2 80 130 443
last-modified
Tue, 16 May 2023 07:45:01 GMT
server
cloudflare
etag
"19b6566e5b264053"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d3cb6b84c13dfb5-SYD
expires
Thu, 06 Jun 2024 23:35:49 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		0
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/ 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
61ee6ba688bebe173692917d9474e35c90079186a0d8c46378d90a9df922b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120640
x-xss-protection
0
server
cafe
etag
15464024940563367107
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:35:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230601/r20190131/ Frame 7D3A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230601/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f156.1e100.net
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
136
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 23:33:32 GMT
etag
15057649708203361565
expires
Wed, 21 Jun 2023 23:33:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		226 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7PGVNEX4L0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.204.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ti-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c45c402718b4d787974c2cf196f8c58c241aca5aed29b9f11230ef45058fcdc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81349
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Jun 2023 23:35:49 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.189.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tl-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Jun 2023 22:05:37 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5413
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 08 Jun 2023 00:05:37 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=themarysue.com&p=%2F&u=Bk6PxfBBtijSC_JcPD&d=themarysue.com&g=66987&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8411&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.themarysue.com%2F&b=4833&t=fBnkJD1A_8ICVfMBHPMyIrBHgsMl&V=139&i=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&tz=0&sn=1&sv=DWO7GuDcqI2VCvA4tWBj30QnDmFtmC&sd=1&im=067b0fff&_
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.109.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-109-236.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Jun 2023 23:35:50 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
page
t.skimresources.com/api/v2/ 		22 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:47 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
loader.js
cdn.taboola.com/libtrc/skimlinks-publishers/ 		137 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8adbd06bdbeeca21b06b2dc74bf314f6197af2cc642b251fcdc9e9c5c559bc2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
v7QpuVc4gKCxZr6WaOWgEhPnMNDeqNzZ
content-encoding
gzip
via
1.1 varnish
date
Wed, 07 Jun 2023 23:35:50 GMT
x-amz-request-id
2BCX03N8SF7BGC3T
age
6350
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
6
x-amz-replication-status
FAILED
content-length
40189
x-amz-id-2
ePGjdpeyfqHDQ+ZEqoqrDFR7BTrC1P7IDDZhS+gm2TPyYzMu4fq33L4mCP/z2iVlLOQKyxX+YV4=
x-served-by
cache-bfi-krnt7300051-BFI
last-modified
Wed, 07 Jun 2023 21:48:51 UTC
server
nginx
x-timer
S1686180951.646593,VS0,VE0
etag
"7338588d7b5a65fa1839666b7e5c6b00b579acaf"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
10
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
5
/
geoip.gamurs.workers.dev/ 		231 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geoip.gamurs.workers.dev/
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.76.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a4699dd3c9523ded43a1f385da54698cacc6cb4fb723110c3343a36586a478

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwbRGqKJeJOhcyaroMkGZUEO2CfoQlMEV4VXqs9cd5X8raWxGqqUE7%2B4sIgK%2FqSIHJT9kjnPnlGUB98XJpguCVPOdywQVNZwihaTiPj8l1QtPRzSh4q4TUZKpflwnM8NYgMjNP96ZdpwQ5E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
7d3cb6adc893ab05-SYD
alt-svc
h3=":443"; ma=86400
cgl7sjvv34
www.clarity.ms/tag/ 		647 B
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/cgl7sjvv34?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.71 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
11aebad347d3ba414c78cd7a625500531a41752645d7199d8b061aafd7eb3800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date
Wed, 07 Jun 2023 23:35:50 GMT
x-azure-ref
0VhSBZAAAAAADyJ5G+dblSppciC7jb/8WU1lEMDNFREdFMTIxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
647
expires
-1
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?bannnerid=535690_advertisement_
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-72.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:49:10 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG62-C2
age
1993602
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
NkmoFYJpRSxsy-0R1DYK0Ggls-1I6xzp0c4EU1E7d0cxTrDSd1U_Lg==
liveView.php
live.primis.tech/live/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
def7c03fe706641bd1deb6d06658d2e525efc076c0319ce68ea15cc743e8c7f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:51 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
-tQ4KeGJxbheIgqsrzgZPeH9ZP1ViS-_sr99tigW6Ybo2jkm8TXoOQ==
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=www.themarysue.com&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.themarysue.com
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 07 Jun 2023 23:35:49 GMT
expires
0
fs-client-rtt
168
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/ 		534 B
559 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=www.themarysue.com&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
f6ee4906a3f8c725d01fc9669abb7d6eabf2e6ba394811b97afdf570d9a76ff4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Wed, 07 Jun 2023 23:24:59 GMT
fs-client-rtt
168
age
650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
534
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization
expires
0
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		82 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b48a96e9d49029a8d30ce34701523882f5e1ef3d5a5c7a39a9de61648c4e27a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2023 20:54:19 GMT
server
cloudflare
x-amz-request-id
7WRW6Z0HVK4PTAZC
age
133
etag
W/"6f5e46a1bede993f2cefba0da616a7de"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7d3cb6bf5999a955-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jXDqVdEHTU+4f0dJKSAcnpPvK5rl/bAbjmmInlxYd/ljuHZ0ep/dmNshxTuYP+lHb9uP13HzVIM=
gpt.js
www.googletagservices.com/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.203.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f155.1e100.net
Software
cafe /
Resource Hash
a677b9a9a4b9a78e56f6886b9fc7ad9c334d74f028af62f8af3f7f78ce43ba6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25178
x-xss-protection
0
server
cafe
etag
728 / 19515 / m202306010101 / config-hash: 477340865933111811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:35:51 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
475 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
172.67.70.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
479d76daa1f9f5f5c296772971d7ce04c37f14f1f5dd1e4660080df06fedcc7c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:52 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2023 23:01:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2028
etag
W/"7394fb58fb772b71cda5061086e93942"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99Y1ZUFzOWGr4%2FhdsuRS%2BS%2B0Ms2dekgaBQXtnSFZwEluzXI%2BxQdq4Ge9j40zSBv%2Bnd56GeT%2FTh36Cl695uJIIGAsglBmQwBL6hIH%2FBWqeF9Zep2EMX6qB95kBQHy%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7d3cb6c91edcdfb9-SYD

Redirect headers

date
Wed, 07 Jun 2023 23:35:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADykZ5%2FWWQVwHtJL9rFaqAHmeTtas53WHFfG7Zi%2BysaO4q2zIObDXm4%2BmyDR%2F0WKR7DYJOiQcYCceqCJ5BOnnqZRlNc5cDt19MRZOrw4bjYCOjZdoZcpoHtMn2u6wjl7n1Fbdy2Ku33D%2B9eeWMWRVg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
7d3cb6c3fd00a93e-SYD
expires
Thu, 08 Jun 2023 00:35:51 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.themarysue.com%2F&ref=&_it=freestar&partner_id=474
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:51 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR6ZEGAGSH9EK3S
age
1384
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7d3cb6c4ab30aaf9-SYD
x-amz-id-2
YYdcwitRr3DHNt7NQm1+Sg902LJSB4f7qhP3lwSODEZFT62tqhOtbf8uahKDj8SpjLadVWf2scE=
prebid-analytics-7.48.2.js
a.pub.network/core/ 		593 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.48.2.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7468c8590db5b9d0bf5301cbe0f6ab2825cd7425b8afdf0fc1f219cddfea50

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
19216
x-guploader-uploadid
ADPycdsndisjzRqjgl6vKjdyGz13jlkIr3reXW8-7BIb1fT1wUvhybQgu_GghbPzaTFBWxus6HvaN3x8x2BXqY8SFMw-Q4GGb9dN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 31 May 2023 19:58:10 GMT
server
cloudflare
etag
W/"d9426714d573a19f2e5851f8dba89346"
vary
Accept-Encoding
x-goog-hash
crc32c=9WAIIw==, md5=2UJnFNVzoZ8uWFH426iTRg==
x-goog-generation
1685563090540655
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
607426
cf-ray
7d3cb6c0d9e1a819-SYD
expires
Thu, 08 Jun 2023 23:35:51 GMT
count-data.js
themarysue.disqus.com/ 		832 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=648697%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D648697&1=677995%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D677995&1=680418%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D680418&1=682085%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D682085&1=682937%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D682937&1=686274%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686274&1=686359%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686359&1=686380%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686380&1=686386%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686386&1=686406%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686406
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5567ca4190d1fcb325270d4d0ee731e7844452b8229716befe2f5d3a7ff4dd59
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 23:35:51 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
332
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
832
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		900 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=686410%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686410&1=686414%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686414&1=686420%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686420&1=686445%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686445&1=686455%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686455&1=686459%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686459&1=686469%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686469&1=686470%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686470&1=686519%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686519&1=686523%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686523
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0274073365ee4a4041026472c153663a506dc8089290bb5250381136453b23a2
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 23:35:53 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
333
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
900
X-XSS-Protection
1; mode=block
count-data.js
themarysue.disqus.com/ 		624 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themarysue.disqus.com/count-data.js?1=686550%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686550&1=686561%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686561&1=686581%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686581&1=686636%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686636&1=686651%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686651&1=686669%20https%3A%2F%2Fwww.themarysue.com%2F%3Fp%3D686669
Requested by
Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
862d7bc68e1112808a64535b45bcb0ac807938f57462b3c1c6ef8b3db7f8e558
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 23:35:53 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
292
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
624
X-XSS-Protection
1; mode=block
all.js
connect.facebook.net/en_US/ 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=89678d1a2199a7b0b821428abba07947
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
d8566fc80a8251c20b95630e0e2dc4fcd6cb5b39767881cc5ed2148d17c95fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Jun 2023 23:35:54 GMT
content-md5
3t3CSVa9QGDg/k9S9UJesQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87021
x-fb-rlafr
0
x-fb-debug
OLyl6Zz08ZlYxY19Rpk18GWCMyvIIsaSdqxKpQ46Sn2uYyocReLih0ikKvf5l5FE7VWAZVTafIWxgqCj0X5KNA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
4655c9741bfc7c8d77ef6680cea09c6a
cross-origin-opener-policy
same-origin-allow-popups
etag
"e39846113514559157a6a23f05daf637"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 06 Jun 2024 19:45:25 GMT
modules.532c2546c606928256d3.js
script.hotjar.com/ 		269 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.532c2546c606928256d3.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3006819.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-24.hkg62.r.cloudfront.net
Software
/
Resource Hash
cc30b78a814c2b12a7524cb064a9093e82819b7a1a9ae7b1a6eb7a41cd8c201e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 13:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4aed579d267267dd8aac916efed7b06e.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG62-C2
age
36466
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
69953
last-modified
Wed, 07 Jun 2023 13:27:53 GMT
etag
"caec1cbdbba903b43f4d6f31b9c77bdf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
mOl1rR07A3tNKn7Qa2oG5ER8niYZ03gpur-v8ZA_mFr8V2d6fptgBQ==
analytics.min.js
a.pub.network/core/analytics/1.1.1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:53 GMT
content-encoding
gzip
cf-cache-status
HIT
age
105623
x-guploader-uploadid
ADPycds0yXHjNjf-0k1d0dZ25WEgI7CqrRNHmUoRfJ-kruZvNRBz5catsDeLENC1bmO3TFGd0KOj1Yo1xpI91nyajsg1y3w0NcWG
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 21 Mar 2023 16:29:06 GMT
server
cloudflare
etag
W/"9faa51c72267d7040ea861c2a59c266f"
vary
Accept-Encoding
x-goog-hash
crc32c=Yy7HVA==, md5=n6pRxyJn1wQOqGHCpZwmbw==
x-goog-generation
1679416146332026
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
13155
cf-ray
7d3cb6ce18bca819-SYD
expires
Thu, 08 Jun 2023 00:35:53 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		178 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=themarysue.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/themarysue.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e60488e39acd8955e9dd3c61968b7d74dba47a4c742308bbab55bbe58754caf6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 22:40:06 GMT
content-encoding
gzip
via
1.1 e51142b132a2a14667512e908fde99e6.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG62-C2
age
3376
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Fri, 19 May 2023 14:04:43 GMT
server
AmazonS3
etag
W/"a20e62519055b97d58962adb8c6308bb"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
x-amz-cf-id
6LIF3h0oTjZPPnc4_DQWlavI98r9arD0baL9WAEQp9I0UItD1v-vSg==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=36750692&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1686180949890&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=36750692&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1686180949890&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%2...
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=36750692&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1686180949890&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
13.226.120.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-66.hkg62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:54 GMT
via
1.1 8423055724d780dc37ee5768e6d73374.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
HKG62-C1
x-amz-cf-id
FYku6qKnxf98LJLAy8ZLNkCooEGN1FPCO5V38DzeLIDTeI3cZhgAHw==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 07 Jun 2023 23:35:53 GMT
via
1.1 8423055724d780dc37ee5768e6d73374.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
HKG62-C1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=36750692&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1686180949890&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.themarysue.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9=
content-length
0
x-amz-cf-id
tBsGJmrreoMrmmNOrPXzMUGZFEHHHJS3h0nw0rXbaWO33aDxD48p-Q==
collect
analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-7PGVNEX4L0&gtm=45je3650&_p=552143194&_gaz=1&cid=2003950130.1686180950&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686180950&sct=1&seg=0&dl=https%3A%2F%2Fwww.themarysue.com%2F&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PGVNEX4L0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7PGVNEX4L0&cid=2003950130.1686180950&gtm=45je3650&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PGVNEX4L0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7PGVNEX4L0&cid=2003950130.1686180950&gtm=45je3650&aip=1&z=1070264784
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.8/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cgl7sjvv34?ref=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.71 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:53 GMT
content-encoding
br
last-modified
Wed, 07 Jun 2023 10:27:30 GMT
etag
"0x8DB6741CC9FDBC5"
x-azure-ref
0WRSBZAAAAADiMdgbS/k9Qq/lTj4sy5MaU1lEMDNFREdFMTIxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
57671ee0-601e-007f-638e-99e140000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202305161109/ 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202305161109/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 May 2023 15:12:41 GMT
server
cloudflare
x-amz-request-id
H06VYX40RF3Z086K
age
1927040
etag
W/"c445da83949e16f2c7f56d37a9f719f0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7d3cb6d0ddbfa955-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xIQhzYtvX0q0BG2xiLk2cgEmwrEJnVvJ2OWySL7iVboxrVvNPAPSIRlcrT6qCou6bnpMAXUxF3c=
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=552143194&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1599254338&gjid=1860876768&cid=2003950130.1686180950&tid=UA-21433528-1&_gid=1302078483.1686180951&_r=1&gtm=457e3650&jsscut=1&z=148801943
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.189.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tl-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=552143194&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.themarysue.com%2F&ul=en-us&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=2003950130.1686180950&tid=UA-21433528-1&_gid=1302078483.1686180951&gtm=457e3650&jsscut=1&z=1055357511
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.189.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tl-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 21:10:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8739
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
cdn.taboola.com/libtrc/ 		767 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
271c6f572ec8b76041ea2528755c76657f6549804809eb16665fafce26776125

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
sww6ep340gjpSCLeAPzqVE2CTLqGV817
content-encoding
br
via
1.1 varnish
date
Wed, 07 Jun 2023 23:35:53 GMT
x-amz-request-id
6XPR61Q419YTX4Y5
age
10481
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
163348
x-amz-id-2
RBmNiDlDB32WHkCpGc/gQeKVe1ZOCDMUgWMd1CoxjLl0f9TU9Lo58mNwPa7Y2UtbIQdB6nu68A4=
x-served-by
cache-bfi-krnt7300051-BFI
last-modified
Mon, 05 Jun 2023 11:59:54 GMT
server
AmazonS3-br
x-timer
S1686180954.971891,VS0,VE1
etag
"cc589b1e844eb63cde65f3ec4c212403"
vary
Accept-Encoding
content-type
application/javascript
abp
25
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
tr5
cdn.taboola.com/libtrc/ 		3 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=rbox-loader-clean-test_var
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bfi-krnt7300051-BFI
date
Wed, 07 Jun 2023 23:35:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1686180955.410706,VS0,VE0
x-cache
HIT
content-type
text/html
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
collect
stats.g.doubleclick.net/j/ 		8 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-21433528-1&cid=2003950130.1686180950&jid=1599254338&gjid=1860876768&_gid=1302078483.1686180951&_u=YADAAUAAAAAAACAAI~&z=524154973
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 07 Jun 2023 23:35:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc6e58ecab36db0355d977034ca1b804bb339ccfd8a558f21be8
skisofa.com/0/ 		202 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://skisofa.com/0/dc6e58ecab36db0355d977034ca1b804bb339ccfd8a558f21be8
Requested by
Host: skisofa.com
URL: https://skisofa.com/v2ydn9AHpxvYASYOPhzN2mhpX7JnJUNIsFRj9Z_30fv8VGuDvN2yrX58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.133.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.133.244.35.bc.googleusercontent.com
Software
/
Resource Hash
5fbf392dfa3a16530db69a8c737df22ed13fe8d9a61922f23e8faefae772b63b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 07 Jun 2023 23:35:52 GMT
via
1.1 google
x-buildnumber
892946322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
x-hostname
fen-hoothoot-asia-east1-test-zpgf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 07 Jun 2023 23:35:51 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.themarysue.com&url=https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
7d3cb6c9fa7aa95b-SYD
content-length
0
content-type
application/json
date
Wed, 07 Jun 2023 23:35:52 GMT
debug
OPTIONS block
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		109 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.themarysue.com&url=https://www.themarysue.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.themarysue.com%2F&ref=&_it=freestar&partner_id=474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31366e9c8e93d9f0f45d4a5df46a107f12155eac05a9359f8fb24e93aa520f66

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:35:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7d3cb6cc0ceaa95b-SYD
liveView.php
live.primis.tech/live/ Frame 525D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1686180951&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
18ce73088c3f5ae82204fb7443b1e6c57848d10a19a0f2ba66e1580f7e917df7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:55 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
ihnxU5W_G-uXeaqT30PbhcQIig9Fz0gxdKfVV0dsGy7u5usHsFmrOQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ 		406 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
cafe /
Resource Hash
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
90
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128351
x-xss-protection
0
server
cafe
etag
10410007902637205610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 06 Jun 2024 23:34:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.themarysue.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
cafe /
Resource Hash
dfbfafbecf02813a4eb85f10ab914df8f6eb500e0b2adef7465b6469eda7572b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
431
x-xss-protection
0
expires
Wed, 07 Jun 2023 23:35:53 GMT
ga-audiences
www.google.com/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-21433528-1&cid=2003950130.1686180950&jid=1599254338&_u=YADAAUAAAAAAACAAI~&z=1362651201
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-21433528-1&cid=2003950130.1686180950&jid=1599254338&_u=YADAAUAAAAAAACAAI~&z=1362651201
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
ad-delivery.net/ 		43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2606089
x-guploader-uploadid
ADPycduX_M50Hx8hMLC0FYObQ6rORvKx35m_elyKuNTwQFPCICRqIJOGxnFHBhk-ug_vnHgirRsW5V-imOFJL50gYwLtaw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnn5%2BdZciy1lJHDYB6vl0unFMesBeZIBECY2rW02kVd0Ww9Vb7eJRoATAaRrrGBKLv1y8waqOl%2FDGtlWavzpIeCsI3p0q9rtkxWQj6eXl6XEevZJZc00VgZOFmFRKNovAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7d3cb6e04bf2dfb5-SYD
expires
Mon, 08 May 2023 20:21:52 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.157.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ta-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 08:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Jun 2023 08:29:01 GMT
px.gif
ad-delivery.net/ 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6322241820160603
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2606089
x-guploader-uploadid
ADPycduX_M50Hx8hMLC0FYObQ6rORvKx35m_elyKuNTwQFPCICRqIJOGxnFHBhk-ug_vnHgirRsW5V-imOFJL50gYwLtaw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itrPlqGQRU52rtQr2Dwplh2wnab0wJHF36UgLCERTRoFjJe99G4jW%2BEUPsQMVbepNx0b3FJF71iGXf8pv%2F6n7oiVaTJxp5TRANU0aJ01XpuP5RX410efCecMjgRBGgO3iw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7d3cb6e04bf3dfb5-SYD
expires
Mon, 08 May 2023 20:21:52 GMT
75cd3240e047cf3055976ec49faa51f1f8cee7df7b2baefa7ea4
skisofa.com/ 		3 B
74 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://skisofa.com/75cd3240e047cf3055976ec49faa51f1f8cee7df7b2baefa7ea4
Requested by
Host: skisofa.com
URL: https://skisofa.com/v2ydn9AHpxvYASYOPhzN2mhpX7JnJUNIsFRj9Z_30fv8VGuDvN2yrX58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.133.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.133.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 07 Jun 2023 23:35:53 GMT
via
1.1 google
x-buildnumber
892946322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
x-hostname
fen-hoothoot-asia-east1-test-zpgf
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 07 Jun 2023 23:35:54 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8062317f6f2f91e260868f04ff72ca4a157a0205e9d15d4a89ef6885ab85f313

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:35:55 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
collect
v.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Wed, 07 Jun 2023 23:35:55 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
cookie.js
partner.googleadservices.com/gampad/ 		395 B
334 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.themarysue.com&callback=_gfp_s_&client=ca-pub-9356934496955375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
6f36f481995afd3d769b347c07cdf70f9e4e7c21a50591863b0950a78d96bcdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.23.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D35A 		0
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=522671305&adf=1178619241&lmt=1686180954&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180947023&bpp=3&bdt=2732&idt=4988&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7112081316901&frm=20&pv=2&ga_vid=2003950130.1686180950&ga_sid=1686180954&ga_hid=552143194&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788441%2C44793497%2C44789819&oid=2&pvsid=798598736179353&tmod=1060662944&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=7032
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 23:35:54 GMT
expires
Wed, 07 Jun 2023 23:35:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
567483
expires
60
json
trc.taboola.com/skimlinks-publishers/trc/3/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/skimlinks-publishers/trc/3/json?tim=23%3A35%3A54.725&lti=rbox-loader-clean-test_var&data=%7B%22id%22%3A439%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1686152893663%2C%22vi%22%3A1686180954722%2C%22cv%22%3A%2220230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A11726%2C%22cmps%22%3A0%2C%22ga%22%3Afalse%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8411%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Aabp%3D0%22%2C%22uip%22%3A%22SkimlinksPublisher%22%2C%22orig_uip%22%3A%22SkimlinksPublisher%22%2C%22cd%22%3A8411.25%2C%22mw%22%3A1600%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2CSkimlinksPublisher%3Drbox-tracking%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22rbox-loader-clean-test_var%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f7a6151c57eca4de0be4459845f26d13a6fde8ea493b3336be8b9de60b01f50

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
57
date
Wed, 07 Jun 2023 23:35:54 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-bfi-krnt7300051-BFI
server
nginx
x-timer
S1686180955.882945,VS0,VE57
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.themarysue.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
v.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Wed, 07 Jun 2023 23:35:55 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
distance-from-article.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d915b34fadf8ef9ed51cbed1cf5dcbceac1495bdda4e1861b918b260f96fce1f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
NzJiz2PHOaA4zr57LQTaSWukMbGX_vFo
content-encoding
gzip
via
1.1 varnish
date
Wed, 07 Jun 2023 23:35:56 GMT
x-amz-request-id
4DTC2S2XBRQSSVVY
age
54
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1184
x-amz-id-2
ZyKoeYELSkAJPi3kmvG3ANs9yBw+9Q5QunUsbr/+P9JnXBDBhq+UFONQURwm39PsdgaVLl0gfVM=
x-served-by
cache-bfi-krnt7300051-BFI
last-modified
Mon, 05 Jun 2023 11:59:59 GMT
server
AmazonS3
x-timer
S1686180956.099640,VS0,VE2
etag
"d0b952668f00065b666416d7de49c6d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
article-detection.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e620d194e248dc3e3f5ec6b9d2a197ca7adb211b026174d050e440999ab30dd8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
cOgN37QEVJ0OHXj.ly2UCEMMyeopTMnA
content-encoding
gzip
via
1.1 varnish
date
Wed, 07 Jun 2023 23:35:56 GMT
x-amz-request-id
4DT0KDWQ9C74HBPJ
age
54
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1289
x-amz-id-2
qsOu5kTY/7WRr1F80SNqOnmaQyX/waffEYFi0d1Z5kkuAYWF5A2yw/s/iZscEzmjh/kG4/QC9H4=
x-served-by
cache-bfi-krnt7300051-BFI
last-modified
Mon, 05 Jun 2023 11:59:52 GMT
server
AmazonS3
x-timer
S1686180956.222737,VS0,VE1
etag
"1d3ad94a4bca872e68c180754025ee63"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
debug
ch-trc-events.taboola.com/skimlinks-publishers/log/2/ 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/skimlinks-publishers/log/2/debug?tim=23%3A35%3A55.134&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20rbox-tracking&llvl=2&id=6384&cv=20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d&lt=rbox-loader-clean-test_var&pct=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
357495
collect
analytics.google.com/g/ 		0
0
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 525D 		258 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1686180951&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:56 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:40 GMT
server
nginx
x-amz-cf-pop
HKG54-C1
etag
W/"623b1728-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
28afQQRTESiSVgKttiRa_N6gecyPbHvpTgyNvw5THN25ZT3ITPHn6w==
expires
Thu, 06 Jun 2024 23:35:56 GMT
prebidVid.7.16.0_9.min.js
live.primis.tech/content/prebid/ Frame 525D 		515 KB
260 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1686180951&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
8ff594557d15818d0407c52a3b2c3ea8e48e92b950211cfaa3e40e033a93cdd3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:56 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 11:04:49 GMT
server
nginx
x-amz-cf-pop
HKG54-C1
etag
W/"64466251-80b63"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
zM2OcZvGhBTjV46YmKrq7zk2t1ge7G3zyCm4GpNBXFAhxRmu2lKG1w==
expires
Thu, 06 Jun 2024 23:35:56 GMT
liveVideo.php
live.primis.tech/live/ Frame 525D 		625 KB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=110295&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&x=690&y=390&cbuster=1686180951&pubUrlAuto=https%3A%2F%2Fwww.themarysue.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
e3402ed1d57205e89a09d2fe6321dfa7e7524434c6ec004b7cd95672ab9118a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:56 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
4Kn58Fwygfb0XQTfx_WJnf6sDUqDxzL6WfaCweiZPlpJQKVs3k3b-g==
bulk
trc.taboola.com/skimlinks-publishers/log/3/ 		0
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/skimlinks-publishers/log/3/bulk?route=US%3ACH%3AV&lti=rbox-loader-clean-test_var&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
43
pragma
no-cache
date
Wed, 07 Jun 2023 23:35:56 GMT
via
1.1 varnish
x-served-by
cache-bfi-krnt7300051-BFI
server
nginx
x-timer
S1686180956.302122,VS0,VE43
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.themarysue.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
country
api.btloader.com/ 		16 B
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:56 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=PvagjNi7&w=5129062202212352&o=5714937848528896&cv=2.1.12-7-gb1eec29&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.themarysue.com%2F&sid=7LemeXcuh&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 07 Jun 2023 23:35:56 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
abtests
ch-trc-events.taboola.com/skimlinks-publishers/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/skimlinks-publishers/log/3/abtests?route=US:CH:V&lti=rbox-loader-clean-test_var&ri=58a2a5c20464759b3d4dbe8f5d5332de&sd=v2_57a1282352395d197226e2e274d00cd7_19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da_1686180954_1686180954_CNawjgYQsJRZGOKE3sGJMSABKAEw4QE4kaQOQPG-DkihqNwDUJAFWABgAGj___vfgcH-_wlwAQ&ui=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&pi=/&wi=-2831823380945602862&pt=text&vi=1686180954722&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22211.25%22%2C%22eventTime%22%3A1686180956394%7D&tim=23%3A35%3A56.395&id=837&llvl=2&cv=20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d&
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 07 Jun 2023 23:35:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
v.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Wed, 07 Jun 2023 23:35:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 9D7D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZIEUXsCo8X4AACKnetcAAAAA
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZIEUXsCo8X4AACKnetcAAAAA
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
332144

Redirect headers

X-SO-Cluster-ID
0
Date
Wed, 07 Jun 2023 23:35:58 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.162","key":"ZIEUXsCo8X4AACKnetcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad230"}
X-SO-Key
ZIEUXsCo8X4AACKnetcAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad230
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZIEUXsCo8X4AACKnetcAAAAA
Cache-Control
private
X-SO-HostName
m-ad230.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-IP
66.203.112.162
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 9D7D
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=6fe3c5d1fb4f4e9ab8...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=6fe3c5d1fb4f4e9ab8d0dd230f4d14f9
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=6fe3c5d1fb4f4e9ab8d0dd230f4d14f9
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
332144

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=6fe3c5d1fb4f4e9ab8d0dd230f4d14f9
date
Wed, 07 Jun 2023 23:35:59 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 9D7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 9D7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LIMCLUXN-28-LG0C
0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LIMCLUXN-28-LG0C
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
332016

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LIMCLUXN-28-LG0C
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 9D7D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-NYmn8T1E2oRRXlLMTi9KTEWzgIcqseKw0IumIg--~A
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-NYmn8T1E2oRRXlLMTi9KTEWzgIcqseKw0IumIg--~A
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
331981

Redirect headers

date
Wed, 07 Jun 2023 23:35:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-NYmn8T1E2oRRXlLMTi9KTEWzgIcqseKw0IumIg--~A
content-length
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame 9D7D
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=9ed1380a50f25922e34f2a3ec8be8ae6
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=9ed1380a50f25922e34f2a3ec8be8ae6
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
331923

Redirect headers

location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=9ed1380a50f25922e34f2a3ec8be8ae6
date
Wed, 07 Jun 2023 23:36:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
content-type
text/plain; charset=utf-8
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 9D7D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGX1g0Hl42p2SgeFBKI0YCs&google_cver=1
0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGX1g0Hl42p2SgeFBKI0YCs&google_cver=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-vcl-time-ms
48
date
Wed, 07 Jun 2023 23:36:04 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1686180964.997494,VS0,VE48
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-bfi-krnt7300051-BFI

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGX1g0Hl42p2SgeFBKI0YCs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9D7D 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da:$UID
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 9D7D
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
date
Wed, 07 Jun 2023 23:36:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
331954
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9D7D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=58f19e0b-0c54-4c75-92e1-bfa769476430
0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=58f19e0b-0c54-4c75-92e1-bfa769476430
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-vcl-time-ms
42
date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1686180964.925908,VS0,VE42
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-bfi-krnt7300051-BFI

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=58f19e0b-0c54-4c75-92e1-bfa769476430
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 9D7D
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&us_privacy=1---&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&us_privacy=1---&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&us_privacy=1---&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&us_privacy=1---&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 9D7D 		49 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-AU
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c88bf657c-2swbl
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 9D7D 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&gdpr=0&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9D7D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=daaff8da-6b31-46f1-b8e1-bec0601bf249
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=daaff8da-6b31-46f1-b8e1-bec0601bf249
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:05 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
331923

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=daaff8da-6b31-46f1-b8e1-bec0601bf249
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1811922
content-length
0
expires
Wed, 07 Jun 2023 00:00:00 GMT
get
uipglob.semasio.net/id5/1/ Frame 9D7D
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-7aebbdsga1nctBFnyOEudPyYGURARFSJurc0GDAI2Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F6%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/6/2.gif?puid=8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=58f19e0b-0c54-4c75-92e1-bfa769476430&ttl=%%TTL%%
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F4%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/4/4.gif?puid=7694876445673813675&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/3/5.gif?puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/2/6.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/2/6.gif?puid=1731213324646008949&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
0
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9D7D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtabo...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=dbb997b9a0094362bdaac6a8db9530b9&ssp=taboola&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:09 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
336408

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Wed, 07 Jun 2023 23:36:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 9D7D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e96e9413-9031-4b8e-879c-7f81656eaa36
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e96e9413-9031-4b8e-879c-7f81656eaa36&tbid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&query=taboola_hm%3De96e9413-9031-...
0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e96e9413-9031-4b8e-879c-7f81656eaa36&tbid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&query=taboola_hm%3De96e9413-9031-4b8e-879c-7f81656eaa36&isDirect=0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 07 Jun 2023 23:36:11 GMT
via
1.1 varnish
server
nginx
x-timer
S1686180971.364109,VS0,VE69
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-bfi-krnt7300051-BFI

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e96e9413-9031-4b8e-879c-7f81656eaa36&tbid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&query=taboola_hm%3De96e9413-9031-4b8e-879c-7f81656eaa36&isDirect=0
date
Wed, 07 Jun 2023 23:36:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
335374
sd
u.openx.net/w/1.0/ Frame 9D7D 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&gdpr=0&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:08 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 9D7D 		37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 07 Jun 2023 23:36:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 9D7D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=KvtX7RgxWNRFeu4KcKUQBkLLcKI
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:09 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
335899

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=KvtX7RgxWNRFeu4KcKUQBkLLcKI
Date
Wed, 07 Jun 2023 23:36:09 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
match
ads.betweendigital.com/ Frame 9D7D
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4f0664f5-7787-47d1-8469-677d4e269b7e
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4f0664f5-7787-47d1-8469-677d4e269b7e&crf=1
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4f0664f5-7787-47d1-8469-677d4e269b7e&crf=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=22&external_user_id=4f0664f5-7787-47d1-8469-677d4e269b7e&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
t.adx.opera.com/ Frame 9D7D 		35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:12 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 9D7D
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b76f8224-cf5f-4727-83b3-33e62a118642
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b76f8224-cf5f-4727-83b3-33e62a118642
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:12 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
335005

Redirect headers

date
Wed, 07 Jun 2023 23:36:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=b76f8224-cf5f-4727-83b3-33e62a118642
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
sync.taboola.com/sg/centrortb-network/1/rtb-h/ Frame 9D7D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=1---&redir=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&0&&us_privacy=1---&redir=
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
334572

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:13 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 07 Jun 2023 23:36:12 GMT
x-amz-request-id
H94BPDMT0GC40804
age
1947
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
MUayK/kuyynFztKIGTuxhlHWZcxelxmcGdfEGZnx1v3nNcWKE0jL+mrXZTfxBMXECRfXHrRogR0=
x-served-by
cache-bfi-krnt7300051-BFI
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1686180972.199689,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
48
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1632
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Wed, 07 Jun 2023 23:36:12 GMT
x-amz-request-id
9D124TQA9YV10VW5
age
20197
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
A357VfmFYTZRqXvVgPawFG252NqG8ripyWoHC+xfKR81j3ruYV3AssfLpXFOwBssqqA61G+5Y8g=
x-served-by
cache-bfi-krnt7300051-BFI
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1686180973.519775,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
48
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
14718
eidf.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eidf.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding
gzip
via
1.1 varnish
date
Wed, 07 Jun 2023 23:36:12 GMT
x-amz-request-id
7QVHJVW7E6E0DCW1
age
6217
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6467
x-amz-id-2
p2frpG9oV4AoGr+oJkJV7aA3JRbCHyW0rMFyQoQYoKr8yZS+c8RvIjMb8grQkblAu7cV2flIVms=
x-served-by
cache-bfi-krnt7300051-BFI
last-modified
Sun, 02 Apr 2023 13:49:08 GMT
server
AmazonS3
x-timer
S1686180973.519290,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
48
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4426
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 07 Jun 2023 23:35:58 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
floors
api.floors.dev/sgw/v1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
478d2d27228672fdef97e922667ab897994659a8726f2eb7a1da985a04a9dd4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:58 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themarysue.com%2F&domain=www.themarysue.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 07 Jun 2023 23:35:59 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
256782
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ 		228 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.153.155 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5455fe11eef6ea9da6fd8b89ec7d0376cf18b8d863a31fd6f4e13225055049a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:10:35 GMT
content-encoding
gzip
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront), 1.1 000be6a6f55d3278e3e48047baa61246.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 19:17:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, HKG54-C1
age
1541
x-amz-server-side-encryption
AES256
etag
W/"164d5b26a12963e375c4bac3b8c240e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
u4EkvbG2kBCbZM7wcUuD95KmOGmiZf7EebZJ2i64hOeb3DU1-KcGrA==
json
gum.criteo.com/sid/ 		365 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themarysue.com%2F&domain=www.themarysue.com&cw=1&lsw=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
d574b79c184bf85347d89dcd8ea62a6c42cfb15b0b6eeee60fd5dc447d9ea75e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:59 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
667384
expires
0
rid
match.adsrvr.org/track/ 		109 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
17e89d0e1e11fa204211ce2369bcb6fcf60231dd7b3eebb587e0225865f6aefc

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Jun 2023 23:35:59 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 07 Jul 2023 23:35:59 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:14 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 14 Jun 2023 23:36:14 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 18 May 2023 19:49:39 GMT
content-encoding
gzip
age
1741595
x-guploader-uploadid
ADPycduzL5qzYxZTKkTKIif7C9nZwdfSLUvRC4fgP2-BEsGyUsvlc7ql9cRBtYJhpAHlR7QaaQVQj4SAmD8uXoXawlUvMw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 17 May 2024 19:49:39 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Jun 2023 23:36:15 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
A1PFSG2JWKHAWJTA
age
529
etag
W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d3cb754cf80ab0b-SYD
x-amz-id-2
E3EK7OQBLx6no6episXd+8KMIlL4yLjouzqnmmxa1dpIGjOCSU70+GkHCF8BOo1ZDPCBW0799SA=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Jun 2023 23:36:15 GMT
x-content-type-options
nosniff
content-encoding
br
age
1001
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-bfi-krnt7300068-BFI
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:06:24 GMT
via
1.1 google
age
1790
x-guploader-uploadid
ADPycdvLL0hDdnb8KJNIElityVwE_7TYRRv4AOWThSIZm5kNkCJ3z5tjmzcjmreUYVVXSj0Tu89evJsngQQmVdvhFzij4XREe023
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Thu, 08 Jun 2023 00:06:24 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.65 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 20:50:12 GMT
content-encoding
gzip
via
1.1 94c711d93144b410c89faab8ecdec83c.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C2
age
9964
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
THnAXdS-LrNEtCeTZU0E7D6SHOxqBVG8aCwQy1lTey0mzCNC9vRtPw==
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
7d3cb6f39beba95b-SYD
content-length
0
content-type
application/json
date
Wed, 07 Jun 2023 23:35:59 GMT
debug
rtd-nx-sv
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
7d3cb6f39befa95b-SYD
content-length
0
content-type
application/json
date
Wed, 07 Jun 2023 23:35:59 GMT
debug
rtd-nx-sv
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ 		27 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:35:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
7d3cb6f59e91a95b-SYD
rtd
id.hadron.ad.gt/api/v1/ 		27 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:35:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
7d3cb6f5ae98a95b-SYD
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
7d3cb6f39bf4a95b-SYD
content-length
0
content-type
application/json
date
Wed, 07 Jun 2023 23:35:59 GMT
debug
rtd-nx-sv
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ 		27 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:35:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
7d3cb6f5aea0a95b-SYD
cookie_sync
s2s.t13.io/ 		2 KB
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
a6505af4c3200ee18e4dc4d1165c3a819d03bfd1ea75f643286c3a15728e40c7

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:35:59 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
612
expires
0
auction
s2s.t13.io/openrtb2/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
hbjson
grid.bidswitch.net/ 		0
0
prebid
prebid.media.net/rtb/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		0
0
bid
ap.lijit.com/rtb/ 		0
0
cdb
bidder.criteo.com/ 		0
0
trinity.json
apex.go.sonobi.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:59 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 10:07:42 GMT
server
nginx
x-amz-cf-pop
HKG54-C1
etag
W/"647db3ee-469b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
yOBEyc9Ik_qjHhk4fDMR58vdyws-MBkw3VlK8a7sljQs6MZyYWXhXw==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 525D 		228 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.153.155 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5455fe11eef6ea9da6fd8b89ec7d0376cf18b8d863a31fd6f4e13225055049a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:10:35 GMT
content-encoding
gzip
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront), 1.1 000be6a6f55d3278e3e48047baa61246.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 19:17:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, HKG54-C1
age
1541
x-amz-server-side-encryption
AES256
etag
W/"164d5b26a12963e375c4bac3b8c240e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
LvmlgiC4t9I9UpAXqwNlRiL0X7rE5tXKHaGG-P4ZBbzEWFzAfFiqcA==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 525D 		93 B
930 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=41f40a14-3997-4d29-8f22-0819d7a37eca&iiqpciddate=1686180959626&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=494_1686180959627&fbp=1120628898&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fwww.themarysue.com%2F&ref=www.themarysue.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-104.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
812bcacb6156e72a91fec76b30e2c6e909513a3038b28ff0680f7cda837cd9e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:00 GMT
via
1.1 3faed3e1eaaa99404e46d74533c7bb48.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG62-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
7cAsm1yVxYhnNiV0qsBnjbqg3G3RN7g7DCXK5-CUHZ3dW6WL5XZh1g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=732806&iiqidtype=2&iiqpcid=41f40a14-3997-4d29-8f22-0819d7a37eca&iiqpciddate=1686180959626&tsrn...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=732806&iiqidtype=2&iiqpcid=41f40a14-3997-4d29-8f22-0819d7a37eca&iiqpciddate=1686180959626&tsr...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=732806&iiqidtype=2&iiqpcid=41f40a14-3997-4d29-8f22-0819d7a37eca&iiqpciddate=1686180959626&tsrnd=604_1686180959628&fbp=1120628898&vrref=https%3A%2F%2Fwww.themarysue.com%2F&jsver=5.09&ckls=true&ci=NGqRdLD0mE&nc=false&trid=1235055317
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:01 GMT
via
1.1 0fb19d5f326a219e83b7a2975900484e.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
ba_yGcBW3pzjdMGMHZAu-N8W-m_9b2pQ05iCIHIGj2sEUbRte5ovrQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:00 GMT
via
1.1 0fb19d5f326a219e83b7a2975900484e.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=732806&iiqidtype=2&iiqpcid=41f40a14-3997-4d29-8f22-0819d7a37eca&iiqpciddate=1686180959626&tsrnd=604_1686180959628&fbp=1120628898&vrref=https%3A%2F%2Fwww.themarysue.com%2F&jsver=5.09&ckls=true&ci=NGqRdLD0mE&nc=false&trid=1235055317
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
A07XlVZRdvz-QGBiGTqrW-2UhKoRQf9uQB7ZFyHR9I9NuzU2P_xmrQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.23.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=798598736179353&correlator=1678853765788472&eid=31075123&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=15184186%3A143457427%2Cthemarysuecom_sticky_footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90&ifi=2&adks=422699176&didk=3873984756&sfv=1-0-40&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Db9ab1f%26floors_hour%3D23%26fs_placementName%3Dthemarysuecom_sticky_footer%26fs_ad_product%3DstickyFooter%26fsbid%3Dtimeout&eri=1&cust_params=fs_session_id%3Deac238a2-c3cf-4012-b74f-202f249204cd%26fs_pageview_id%3D467c09e737c428e12e34396bcf246b30%26user-agent%3DChrome%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D168%26fs_clientservermask%3D02011313222223220122%26fs_testgroup%3Doptimised&sc=1&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&abxe=1&dt=1686180959756&lmt=1686180959&dlt=1686180944291&idt=13428&adxs=236&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.themarysue.com%2F&frm=20&vis=1&psz=1200x-1&msz=1200x-1&fws=512&ohw=0&ga_vid=2003950130.1686180950&ga_sid=1686180954&ga_hid=552143194&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRiJp97BiTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiJp97BiTFIAFICCGQSGQoKcHViY2lkLm9yZxiJp97BiTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiafewYkxSABSAghkEhcKCHJ0YmhvdXNlGImn3sGJMUgAUgIIZBIUCgVvcGVueBiJp97BiTFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
cafe /
Resource Hash
d7ebad1eec9e3f68ff5bf627aef8e75b74f7507fa08154a9725de5836add2a69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11266
x-xss-protection
0
google-lineitem-id
6296037975
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432391344
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 540D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.203.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 23:36:00 GMT
expires
Thu, 06 Jun 2024 23:36:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		298 KB
56 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=798598736179353&correlator=1678853765788472&eid=31075123&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=15184186%3A143457427%2Cthemarysuecom_skin%2Cthemarysuecom_right_sidebar_atf_sticky%2Cthemarysuecom_right_sidebar_btf_sticky&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3&prev_iu_szs=1x1%2C300x250%7C336x280%7C300x300%2C120x200%7C200x200%7C300x200%7C250x250%7C300x250%7C336x280%7C300x300%7C300x333%7C250x360%7C120x400%7C240x400%7C300x400%7C300x420%7C120x600%7C160x600%7C300x600%2C120x200%7C200x200%7C300x200%7C250x250%7C300x250%7C336x280%7C300x300%7C300x333%7C250x360%7C120x400%7C240x400%7C300x400%7C300x420%7C120x600%7C160x600%7C300x600&ifi=3&adks=2435532307%2C4184723219%2C1053054902%2C1053054901&didk=2056009102~1495197391~3190893338~3190893339&sfv=1-0-40&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3D2d5a0b%26floors_hour%3D23%26fs_placementName%3Dthemarysuecom_skin%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D925169%26floors_hour%3D23%26fs_placementName%3Dthemarysuecom_right_sidebar_atf_sticky%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3Db9ab1f%26floors_hour%3D23%26fs_placementName%3Dthemarysuecom_right_sidebar_btf_sticky%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3Db9ab1f%26floors_hour%3D23%26fs_placementName%3Dthemarysuecom_right_sidebar_btf_sticky%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout&eri=1&cust_params=fs_session_id%3Deac238a2-c3cf-4012-b74f-202f249204cd%26fs_pageview_id%3D467c09e737c428e12e34396bcf246b30%26user-agent%3DChrome%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D168%26fs_clientservermask%3D02011313222223220122%26fs_testgroup%3Doptimised&sc=1&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&abxe=1&dt=1686180959784&lmt=1686180959&dlt=1686180944291&idt=13428&adxs=0%2C1035%2C1130%2C1130&adys=109%2C129%2C1367%2C5165&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.themarysue.com%2F&frm=20&vis=1&psz=1600x8091%7C300x300%7C120x200%7C120x200&msz=1600x0%7C300x300%7C120x200%7C120x200&fws=0%2C512%2C512%2C512&ohw=0%2C0%2C0%2C0&ga_vid=2003950130.1686180950&ga_sid=1686180954&ga_hid=552143194&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRiJp97BiTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiJp97BiTFIAFICCGQSGQoKcHViY2lkLm9yZxiJp97BiTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiafewYkxSABSAghkEhcKCHJ0YmhvdXNlGImn3sGJMUgAUgIIZBIUCgVvcGVueBiJp97BiTFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
cafe /
Resource Hash
1f8811e68087a164af866abf95ab58e46f1994a531fdd1436c3c6719af9d52c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56740
x-xss-protection
0
google-lineitem-id
-2,-1,-1,6313162928
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,138434979529
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 07 Jun 2023 23:36:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8062317f6f2f91e260868f04ff72ca4a157a0205e9d15d4a89ef6885ab85f313

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:36:00 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
log
qsearch-a.akamaihd.net/ 		35 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=735e5b27-2825-48fb-a3b6-4bd43c7e1c7d&cid=8CUJ8GUQF&crid=315461417&adunit_count=1&dn=www.themarysue.com&requrl=https://www.themarysue.com/&istop=true&event=client_timeout&value=1&rd=634
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.216 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:15 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Server-Timing
ak_p; desc="1686180975471_711167188_44483814_13_455_333_338_-";dur=1
Content-Length
35
Expires
Wed, 07 Jun 2023 23:36:15 GMT
auction
s2s.t13.io/openrtb2/ 		1 KB
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
5389ea3f0c269b93f5d776f5ac7a1d405cff280ac626112f1b5ab57e1a2c7cee

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:00 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.114.0
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
466
expires
0
auction
tlx.3lift.com/header/ 		0
0
bid
ap.lijit.com/rtb/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		0
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1686180959912&to=0&aun=themarysuecom_right_sidebar_atf_sticky&hadronId=060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu&pubcid=7496775f-fce7-45f3-a89d-75ac79907d07&gpid=%2F15184186%2Fthemarysuecom_right_sidebar_atf_sticky%2Fthemarysuecom_right_sidebar_atf_sticky&maxw=336&maxh=280&si=14285&pi=3&bf=336x280%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.themarysue.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=https%3A%2F%2Fwww.themarysue.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.69.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-69-30.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
513aa90db2d234ffd44cc6e4c013b0d8330bfd9d9ce5ea4209f78f354dc1ae9a

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1686180959912&to=0&aun=themarysuecom_right_sidebar_btf_sticky_2&hadronId=060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu&pubcid=7496775f-fce7-45f3-a89d-75ac79907d07&gpid=%2F15184186%2Fthemarysuecom_right_sidebar_btf_sticky%2Fthemarysuecom_right_sidebar_btf_sticky_2&maxw=300&maxh=600&si=14286&pi=3&bf=300x600%2C160x600%2C120x600%2C336x280%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.themarysue.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=https%3A%2F%2Fwww.themarysue.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.69.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-69-30.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
102cf10f68199a2015a7df02a3572d9ceed53e9b4cbc59f64e01b7eb036ca161

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		1 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1686180959912&to=0&aun=themarysuecom_right_sidebar_btf_sticky_3&hadronId=060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu&pubcid=7496775f-fce7-45f3-a89d-75ac79907d07&gpid=%2F15184186%2Fthemarysuecom_right_sidebar_btf_sticky%2Fthemarysuecom_right_sidebar_btf_sticky_3&maxw=300&maxh=600&si=14286&pi=3&bf=300x600%2C160x600%2C120x600%2C336x280%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.themarysue.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=https%3A%2F%2Fwww.themarysue.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.69.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-69-30.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1686180959912&to=0&aun=themarysuecom_right_sidebar_btf_sticky_3&hadronId=060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu&pubcid=7496775f-fce7-45f3-a89d-75ac79907d07&gpid=%2F15184186%2Fthemarysuecom_right_sidebar_btf_sticky%2Fthemarysuecom_right_sidebar_btf_sticky_3&maxw=300&maxh=600&si=14290&pi=3&bf=300x600%2C160x600%2C120x600%2C336x280%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.themarysue.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=https%3A%2F%2Fwww.themarysue.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.69.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-69-30.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
748a13abf546345cb680e9cb28c67c028d2d8be6a16c1d585538700daf2a9f77

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
translator
hbopenbid.pubmatic.com/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9046bb9a490adba8200cb041da51eecb1354ceda4435f0a112e33a341bdec6a5

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 07 Jun 2023 23:36:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
trinity.json
apex.go.sonobi.com/ 		566 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22123fc03573ec132d%22%3A%221374b2b838cb3c97488f%7C336x280%2C300x250%7Cgpid%3D%2F15184186%2Fthemarysuecom_right_sidebar_atf_sticky%2Fthemarysuecom_right_sidebar_atf_sticky%2Cc%3Dd%2C%22%2C%22124f0a8029f0b6e5%22%3A%221374b2b838cb3c97488f%7C300x600%2C160x600%2C120x600%2C336x280%2C300x250%7Cgpid%3D%2F15184186%2Fthemarysuecom_right_sidebar_btf_sticky%2Fthemarysuecom_right_sidebar_btf_sticky_2%2Cc%3Dd%2C%22%2C%22125e9930fca70b8%22%3A%221374b2b838cb3c97488f%7C300x600%2C160x600%2C120x600%2C336x280%2C300x250%7Cgpid%3D%2F15184186%2Fthemarysuecom_right_sidebar_btf_sticky%2Fthemarysuecom_right_sidebar_btf_sticky_3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.themarysue.com%2F&s=349424e1-a19b-436c-8cd7-223ae4744f8a&pv=3558df74-659d-4461-9f12-5310c0f8b4ae&vp=desktop&lib_name=prebid&lib_v=7.48.0&us=3&iqid=null&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22themarysue.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22themarysue.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%2C%22name%22%3A%22themarysue-com%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22fs_optimized%22%3Afalse%7D%7D%7D%2C%22user%22%3A%7B%22id%22%3A%22ae62389e-2fe2-4349-92fc-8445510c89e2%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22region%22%3A%22NSW%22%2C%22country%22%3A%22AU%22%2C%22ext%22%3A%7B%7D%7D%2C%22devicetype%22%3A2%2C%22make%22%3A%22%22%2C%22model%22%3A%22%22%2C%22os%22%3A%22Windows%22%2C%22osv%22%3A%2210%22%7D%2C%22geo%22%3A%7B%22region%22%3A%22NSW%22%2C%22country%22%3A%22AU%22%2C%22ext%22%3A%7B%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221570%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227496775f-fce7-45f3-a89d-75ac79907d07%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.77 Beaumont, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
37cec64dd5d422626abbd488519396484861135408333052edd5bb54b42c6e2c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:00 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-83
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.themarysue.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
383
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a74a25207b1bd5b449f7215397c1f62f232047e55c489220ab379c3a4fbcf20

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
131
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Jun 2023 23:36:00 GMT
cdb
bidder.criteo.com/ 		0
0
hbjson
grid.bidswitch.net/ 		25 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0574bfc6752d1e08fa45ab016bd2ed8a1dd4dc7625ee6f93f993f256d8534d4d

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 07 Jun 2023 23:36:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
setuid
s2s.t13.io/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1---
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LIMCLUXN-28-LG0C&us_privacy=1---
86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LIMCLUXN-28-LG0C&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:15 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LIMCLUXN-28-LG0C&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Jun 2023 23:36:15 GMT
collect
v.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Wed, 07 Jun 2023 23:36:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
view
securepubads.g.doubleclick.net/pcs/ Frame 1623 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvt8CAFLHl_OO2LQiVD_OkLFY41Rf1UUBqATYkoLQ0sIpytdhnRdbZ2duSNg27WLuxuFpNNXrUyFtJRYzsPHJR4MAe2AzSrhKNzn-_6pdwzgetJZDlm2oA1ktcsWBbKdO12tgCrEZ7jkt1nwTYFqNF18QMojFDkrnvIEW0W-_-99BshkLilDjrnpvDwNPKvA_djw5Zmt_w3_UOpISLCFGyUeFf6YSZJvRO-QWmRNPGMJsYqLzgi6ghh3NXcZNNyyiL4_urAIS1_Q3KqJomTR8G_8s0vWC9KkbFO4_wGelMg4gL710880JoPJGe_KNe1HMVPcv_mV6CYTd-Bbv6H3RPQapPi9AVU5jDaI6M2XZm52-KQdsUOg&sai=AMfl-YQOWHJG3CMIwXInfE_vLWFyfKs7K68ISnBkKnElWuI_d_qHjSX7fw-0kqjZ8lb11ivVUpH_GN1eX6bevkvffPVbp4iUx7wBPCdA2YWfiW01WK0mJh7d6F63P557Gfs&sig=Cg0ArKJSzNyKInF_Bb-FEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
infolinks_main.js
resources.infolinks.com/js/ Frame 1623 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ba1eaad0ead52d21b87c96d6e6068dd411de7f25644fde41bc9cec67fb36df

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:01 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2023 12:04:11 GMT
server
cloudflare
age
12537
etag
W/"ed3-5fd88ef0c9257"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7d3cb6feec85a826-SYD
expires
Wed, 07 Jun 2023 21:07:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1623 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.203.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f155.1e100.net
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:36:00 GMT
cm
u.openx.net/w/1.0/ Frame A7F6
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdp...
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%...
678 B
706 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f67f8989c56fc2fe1f221784c33790994da31783ed55ac3790f5b92c54dca78f

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
411
content-type
text/html
date
Wed, 07 Jun 2023 23:36:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 07 Jun 2023 23:36:01 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
floors
api.floors.dev/sgw/v1/ 		180 B
201 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/aad127a7a07479f79ad2ca704a251a5d6f32cb6d/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
f9fc63faae946021e5297a1ca959ec9657ecf0040160143eeb1eeff07aedc3ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:01 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 07 Jun 2023 23:36:01 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
container.html
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0153 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.203.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 23:36:00 GMT
expires
Thu, 06 Jun 2024 23:36:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CAA0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.203.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 23:36:00 GMT
expires
Thu, 06 Jun 2024 23:36:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9524 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssi33D64S14sveGbKucNfeD0UPRvgPPbHCG8skM6DFmV2Oy61LL13NpGdt5OAca4Z2PI3nlVmu-iOMv-NlGnKqJ_3FCLObDXIMqoqj9R3A1_FPHww6811-gfJxzClAtFCBxuQSkQbkrvmcd8Wjs0bizQ38mgy-HUd-megCNKPqqfnaE7HPx5lunuVBCJWQqFDGNNlMwGQOFWJl2VI5uDaZ-iS5eaDmLjOABLRaV1KrAc52uEXcwut7BWMKVi0Q39qP2amSx_3XuLLWuQIrth6i7MCzpBt7yYG1w-90Ka5H5oF-QzZz5kHdEsd3nNfYoQCmSxB4DND6CNziJlePHl_IXFhKqn0DbPIKc1oDwXtPwfyjA&sai=AMfl-YRVQeD2RbmFtFAFAWI0lV30MoKR_Mbronvqn0ypgWx0zd0QyHkGyr2rUVfaoAxhgwKjfels3L_O-BkJ322Qqge8-PSA3OY3zR-Z1zp0GivfWp3zlAUFVHgUYVXW-CU&sig=Cg0ArKJSzJoE4s22nobVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9524 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
29d5eaa5e682bd83e5be4a891ad375e8fe81430bc624e1781e8b0e18c0d71f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Origin
https://www.themarysue.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47331
x-xss-protection
0
server
cafe
etag
1260789246061087162
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:36:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9524 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.203.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f155.1e100.net
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:36:01 GMT
css
fonts.googleapis.com/ 		2 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.23.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f95.1e100.net
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Jun 2023 23:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 23:14:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Jun 2023 23:36:02 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C2C5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45537
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 07 Jun 2023 23:36:02 GMT
expires
Thu, 08 Jun 2023 12:14:59 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
server-timing
ak_p; desc="1686180961723_390796573_64045101_12_358_331_335_255";dur=1
vary
Accept-Encoding
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame B1DD
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26adv...
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%...
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=c7f087b7-6918-4e83-b578-a443672461e3
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1486637409&pcid=c7f087b7-6918-4e83-b578-a443672461e3
43 B
978 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1486637409&pcid=c7f087b7-6918-4e83-b578-a443672461e3
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 07 Jun 2023 23:36:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 0fb19d5f326a219e83b7a2975900484e.cloudfront.net (CloudFront)
x-amz-cf-id
aRMytMZzcf5o7NvQbZ1R3TrPy5DPF9xkKeWFyMhZ5D4LFS6QtydP6Q==
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront

Redirect headers

age
0
cache-control
no-store
content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 23:36:01 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1486637409&pcid=c7f087b7-6918-4e83-b578-a443672461e3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
x-amz-cf-id
qyvbAKqT8Gf6QJP3x2o6tTycc8lIQa5xSWoW3pB_KXC6jzoi93naVQ==
x-amz-cf-pop
HKG54-C1
x-cache
Miss from cloudfront
liveView.php
live.primis.tech/live/ Frame 525D 		84 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwMyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMwxlNwpyMxZ2nWRyo181ZwJuNmU2ZzVxODQjMwp1MTU1NmIkJTJGqzyxNwI1NDuzY2Y0YwU3YwElMmQlMDY1OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHyPVExlTax5MzFXUzkvMTtkWzcKnE56VTJnoVZeT0RRq01dYmFNVFUkTacJrEjmWaBnRFy5TyRRNFcgTz1OR0xkTwJJrE1dTTBNnxElTyReqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dZmJNVGN4TzcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlT0RZrx5dZ3cOREFLZyEhraIkS0ZlZGElqzcZpmBmNEF6YyyIQwA0ZHc3X3qETHtlQTFQUWqxVFukSSZ2nWRsY29hqGVhqF9cZD0lMTY1NmYjJaZcZF9wo250ZW50X2Ryp2M9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsqGy0oGU9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsZHVlYXRco249ODp3JaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEmNwU3Jat9MmAjJax9MTY5JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM2MxQmMDM4NUYmMDMlN0Q3QwpmMmEmNmMkMmYmNmM3MmUmNTqEN0I0MmM3Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmOTMjN0Q3QwU5MmMmOTMjN0Q3QwY2MmE3RDqCNEMmMTMmMmEmMDMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9LTMmJzqyo0kiozp9MTQ2JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNC4jLwU3MmUhMTA2K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ4MTE0NTp5YzQ1MSZwYaVmqGVlPTE2ODYkODA5NwEkOTM=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
8764cc83174a49899d0059393a7cb7514c20ceff2f2ab65e899c15bf14e12cfe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:00 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
9525
x-amz-cf-id
nK1pvov_u7jh2YJ5GFu4N_2eor9DgzDXQ7qnL3WZaTuWwlx8X_x8JA==
liveView.php
live.primis.tech/live/ Frame 525D 		68 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwMyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMwxlNwpyMxZ2nWRyo181ZwJuNmU2ZzVxODQjMwp1MTU1NmIkJTJGqzyxNwI1NDuzY2Y0YwU3YwElMmQlMDY1OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHyPVExlTax5MzFXUzkvMTtkWzcKnE56VTJnoVZeT0RRq01dYmFNVFUkTacJrEjmWaBnRFy5TyRRNFcgTz1OR0xkTwJJrE1dTTBNnxElTyReqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dZmJNVGN4TzcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlT0RZrx5dZ3cOREFLZyEhraIkS0ZlZGElqzcZpmBmNEF6YyyIQwA0ZHc3X3qETHtlQTFQUWqxVFukSSZ2nWRsY29hqGVhqF9cZD0lMTY1NmYjJaZcZF9wo250ZW50X2Ryp2M9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsqGy0oGU9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsZHVlYXRco249ODp3JaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEmNwU3Jat9MmAjJax9MTY5JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM2MxQmMDM4NUYmMDMlN0Q3QwpmMmEmNmMkMmYmNmM3MmUmNTqEN0I0MmM3Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmOTMjN0Q3QwU5MmMmOTMjN0Q3QwY2MmE3RDqCNEMmMTMmMmEmMDMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9LTMmJzqyo0kiozp9MTQ2JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNC4jLwU3MmUhMTA2K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ4MTE0NTp5YzQ1MSZwYaVmqGVlPTE2ODYkODA5NwEkOTM=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
377a07f62e2c691df4f852ed4faa53989b67d68b4b820efd25edf4ce120e6be0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:01 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
8610
x-amz-cf-id
BawlMvYFkMoJZz2ZJkAyFcXDGi8sZpv1IrMJOSxKCt8CI3m3AymkUQ==
liveView.php
live.primis.tech/live/ Frame 525D 		94 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwMyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMwxlNwpyMxZ2nWRyo181ZwJuNmU2ZzVxODQjMwp1MTU1NmIkJTJGqzyxNwI1NDuzY2Y0YwU3YwElMmQlMDY1OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHyPVExlTax5MzFXUzkvMTtkWzcKnE56VTJnoVZeT0RRq01dYmFNVFUkTacJrEjmWaBnRFy5TyRRNFcgTz1OR0xkTwJJrE1dTTBNnxElTyReqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dZmJNVGN4TzcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlT0RZrx5dZ3cOREFLZyEhraIkS0ZlZGElqzcZpmBmNEF6YyyIQwA0ZHc3X3qETHtlQTFQUWqxVFukSSZ2nWRsY29hqGVhqF9cZD0lMTY1NmYjJaZcZF9wo250ZW50X2Ryp2M9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsqGy0oGU9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsZHVlYXRco249ODp3JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEmNwU3Jat9MmAjJax9MTY5JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM2MxQmMDM4NUYmMDMlN0Q3QwpmMmEmNmMkMmYmNmM3MmUmNTqEN0I0MmM3Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmOTMjN0Q3QwU5MmMmOTMjN0Q3QwY2MmE3RDqCNEMmMTMmMmEmMDMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9LTMmJzqyo0kiozp9MTQ2JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNC4jLwU3MmUhMTA2K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ4MTE0NTp5YzQ1MSZwYaVmqGVlPTE2ODYkODA5NwEkOTQ=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
97595534b3283ef241a59192b1a4ccf1a78e558116e38f43f7daa138d4f0d8ff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:01 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
10225
x-amz-cf-id
ohLAK6Dfn81Yh0abMlmQnRQl1pyRaHDdyn3mdBfUaysTfyDWt63cSQ==
liveView.php
live.primis.tech/live/ Frame 525D 		118 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwMyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMwxlNwpyMxZ2nWRyo181ZwJuNmU2ZzVxODQjMwp1MTU1NmIkJTJGqzyxNwI1NDuzY2Y0YwU3YwElMmQlMDY1OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHyPVExlTax5MzFXUzkvMTtkWzcKnE56VTJnoVZeT0RRq01dYmFNVFUkTacJrEjmWaBnRFy5TyRRNFcgTz1OR0xkTwJJrE1dTTBNnxElTyReqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dZmJNVGN4TzcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlT0RZrx5dZ3cOREFLZyEhraIkS0ZlZGElqzcZpmBmNEF6YyyIQwA0ZHc3X3qETHtlQTFQUWqxVFukSSZ2nWRsY29hqGVhqF9cZD0lMTY1NmYjJaZcZF9wo250ZW50X2Ryp2M9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsqGy0oGU9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsZHVlYXRco249ODp3JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEmNwU3Jat9MmUjJax9MTx3JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM2MxQmMDM4NUYmMDMlN0Q3QwpmMmEmNmMkMmYmNmM3MmUmNTqEN0I0MmM3Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmOTMjN0Q3QwU5MmMmOTMjN0Q3QwY2MmE3RDqCNEMmMTMmMmEmMDMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9LTMmJzqyo0kiozp9MTQ2JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNC4jLwU3MmUhMTA2K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ4MTE0NTp5YzQ1MSZwYaVmqGVlPTE2ODYkODA5NwEkOTQ=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
bd37af5d06c7cfa3bd2ed941f6f517a82a6ee73aa6dd2c6b7f5515f2e02f1dca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:01 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
12157
x-amz-cf-id
5xl-QD6JggGt1iTcQrc3l6XBct3frCk9S24yzl_O00HzwiyJT71z1Q==
liveView.php
live.primis.tech/live/ Frame 525D 		85 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwMyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMwxlNwpyMxZ2nWRyo181ZwJuNmU2ZzVxODQjMwp1MTU1NmIkJTJGqzyxNwI1NDuzY2Y0YwU3YwElMmQlMDY1OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHyPVExlTax5MzFXUzkvMTtkWzcKnE56VTJnoVZeT0RRq01dYmFNVFUkTacJrEjmWaBnRFy5TyRRNFcgTz1OR0xkTwJJrE1dTTBNnxElTyReqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dZmJNVGN4TzcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlT0RZrx5dZ3cOREFLZyEhraIkS0ZlZGElqzcZpmBmNEF6YyyIQwA0ZHc3X3qETHtlQTFQUWqxVFukSSZ2nWRsY29hqGVhqF9cZD0lMTY1NmYjJaZcZF9wo250ZW50X2Ryp2M9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsqGy0oGU9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsZHVlYXRco249ODp3JaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEmNwU3Jat9MmUjJax9MTx3JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM2MxQmMDM4NUYmMDMlN0Q3QwpmMmEmNmMkMmYmNmM3MmUmNTqEN0I0MmM3Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmOTMjN0Q3QwU5MmMmOTMjN0Q3QwY2MmE3RDqCNEMmMTMmMmEmMDMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9LTMmJzqyo0kiozp9MTQ2JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNC4jLwU3MmUhMTA2K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ4MTE0NTp5YzQ1MSZwYaVmqGVlPTE2ODYkODA5NwEkOTU=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
922acaca7a81f52e4c66c3ec12b49d94c167691edb3edc938d3579c7d79052f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:01 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
9857
x-amz-cf-id
WTBAMeRW_P2NWQNm98hIDPLCcf_Byu9dnt2l7CYbdL7_H1adLt3-Gg==
liveView.php
live.primis.tech/live/ Frame 525D 		78 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwMyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMwxlNwpyMxZ2nWRyo181ZwJuNmU2ZzVxODQjMwp1MTU1NmIkJTJGqzyxNwI1NDuzY2Y0YwU3YwElMmQlMDY1OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJrxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHyPVExlTax5MzFXUzkvMTtkWzcKnE56VTJnoVZeT0RRq01dYmFNVFUkTacJrEjmWaBnRFy5TyRRNFcgTz1OR0xkTwJJrE1dTTBNnxElTyReqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dZmJNVGN4TzcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlT0RZrx5dZ3cOREFLZyEhraIkS0ZlZGElqzcZpmBmNEF6YyyIQwA0ZHc3X3qETHtlQTFQUWqxVFukSSZ2nWRsY29hqGVhqF9cZD0lMTY1NmYjJaZcZF9wo250ZW50X2Ryp2M9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsqGy0oGU9VG9jKmEjK0Jyp3QeQWN0nW5aK1BypzZipz1uozNyplgvrSgUZWVhYWqypaMzqzyxX2NioaRyoaRsZHVlYXRco249ODp3JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEmNwU3Jat9MmAjJax9MTY5JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM2MxQmMDM4NUYmMDMlN0Q3QwpmMmEmNmMkMmYmNmM3MmUmNTqEN0I0MmM3Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmOTMjN0Q3QwU5MmMmOTMjN0Q3QwY2MmE3RDqCNEMmMTMmMmEmMDMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9LTMmJzqyo0kiozp9MTQ2JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNC4jLwU3MmUhMTA2K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwQ4MTE0NTp5YzQ1MSZwYaVmqGVlPTE2ODYkODA5NwEkOTt=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30362D30385F30327D7B7331373136373735357D7B4337377D7B53643364334C6E526F5A573168636E6C7A64575575593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C31333130317DFEFE&userIpAddr=66.203.112.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.106+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1686180955&csuuid=648114579bd51&debugInfo=17167755_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17167755&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3559vwzxpmkh&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fwww.themarysue.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=95&impGap=1&flow_width=350&flow_height=197&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=13101&flowMode=seenboth&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.themarysue.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
81122c73a1caee155bd6b5a80542f93a8eedf2e9ec43c00d1eb87256f023557f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:01 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.themarysue.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
9919
x-amz-cf-id
g0TJjFoIwRI3dqCFTZxKAIy5SuSCDZnJTXIwklrhNFWbT22ZKToYnw==
chunklist_1280.m3u8
video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/ 		5 KB
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/chunklist_1280.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
884bdaf96274b018bf30d2c8229d58038b47fbd093c70014bd39471e11771978

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 ee71fcaa8d3fdbddee74740dbbf20dc2.cloudfront.net (CloudFront), 1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
IAH50-P2, HKG62-C2
x-cache
Miss from cloudfront
last-modified
Tue, 12 Apr 2022 01:14:29 GMT
server
nginx
etag
W/"7b163877d67774f0b7bae8b728e43ca3"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
x-amz-cf-id
ijw349qz3pADZu4GYhw_2EugGKx1zt75dEwTd6sODmbUfEAgZqUTfQ==
expires
Thu, 08 Jun 2023 23:36:03 GMT
liveView.php
live.primis.tech/live/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY4NwE4MDx1NlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEjMwx1JaN0YT0jJat9MmAjJax9MTY5JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZmZGg2PSZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM2MxQmMDM4NUYmMDMlN0Q3QwpmMmEmNmMkMmYmNmM3MmUmNTqEN0I0MmM3Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmOTMjN0Q3QwU5MmMmOTMjN0Q3QwY2MmE3RDqCNEMmMTMmMmEmMDMkN0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTYlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkNC4jLwU3MmUhMTA2JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NDtkMTQ1NmyvZDUkJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2ODYkODA5NwEkNmpzqWyxPVNyn2yhZG9TUGkurWVlNwQ4MTE0NWQ5YwJzYSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9nWyk
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame 525D 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.29569.space.110295,adsize.300x169
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:16 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e&google_hm=NGYwNjY0ZjUtNzc4Ny00N2QxLTg0NjktNjc3ZDRlMjY5Yjdl
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECurSsq2pFCJWSUIVReJuUQ&google_cver=1&ssp=sekindo&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=4f0664f5-7787-47d1-8469-677d4e269b7e
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=4f0664f5-7787-47d1-8469-677d4e269b7e
43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=4f0664f5-7787-47d1-8469-677d4e269b7e
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
8wzY-ve92gIK-sipdeb6afhKf9ArMxaf7qkL1YL6wK1jGPnkuqt-1A==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=4f0664f5-7787-47d1-8469-677d4e269b7e
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
rqtB6q8gmQb05q3YSsiy2O0RcWmvCa3ED3MZGazxDNiD6Nx2hAM-bA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3&gdpr_consent=null&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=417208643&pcid=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3
43 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=417208643&pcid=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
_5yjLseuYWBYTz4yWtKyT5gqYyoJBCUEOYwIysO5E3KW9JDQwPfGFg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=417208643&pcid=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
eJkMWuUx6lMqJqx5BeFOkZEG6mi4zQJIXC0M-gR_MQ08LVgOmpRLnQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZIEUcXZ2pldwTJa-8DxXoQAA%264922
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2120880633&pcid=ZIEUcXZ2pldwTJa-8DxXoQAA%264922
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2120880633&pcid=ZIEUcXZ2pldwTJa-8DxXoQAA%264922
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
MUYZa0LMAfh3-nz6htJibC3EKA9F9Vlg5J3atIrvPkED1kq7s3EqyQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2120880633&pcid=ZIEUcXZ2pldwTJa-8DxXoQAA%264922
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
1rzzhkmmNxZSg7qSmc29hOMYKDVyGyxJM33Ncg16Ksj_QqvLmPaRDA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=3981345439935967684362
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=3981345439935967684362
43 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=3981345439935967684362
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
DEtRgoiAFaCAoe08fa5E7MXQ5thFB8Quqrjn2Cd24qIYtl3BuEAQsw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:16 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=3981345439935967684362
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
1xi38QpfiOlWittdO9hI6-N8w6dfjQBmvy75eFaVlj8ZHq-mYpUSiw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LIMCLUXN-28-LG0C&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LIMCLUXN-28-LG0C
43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LIMCLUXN-28-LG0C
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
BYNa0PtVGvO5KfSeLuvD8Af-2D_c2IMerDDafWjL8bKHGD2MygRqqA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:16 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LIMCLUXN-28-LG0C
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
8ZSq5K7Ehe0thjF5GM7bP6RS3ox5Y16ovG5DyQCOBu2yRwPqMkGaSQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58627/occ?gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-QB7.BcBE2uEX7am3rJuP6ETyfNj_J3H8W218RC4-~A&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1028935272&pcid=y-QB7.BcBE2uEX7am3rJuP6ETyfNj_J3H8W218RC4-~A
43 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1028935272&pcid=y-QB7.BcBE2uEX7am3rJuP6ETyfNj_J3H8W218RC4-~A
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
D2Fr864gYOvyHQiLNdXdUcw4kwlXVSz9WW58XSM2jfPjF5ImwvXiDQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:16 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1028935272&pcid=y-QB7.BcBE2uEX7am3rJuP6ETyfNj_J3H8W218RC4-~A
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
MfIeLKHpxXtx9rMZpEJ_S-a_z7pTEgVgqUxwY9b1vFSln8DRfZWFiw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=f152f299ccb14118baf23f4547add36b
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=584182936&pcid=f152f299ccb14118baf23f4547add36b
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=584182936&pcid=f152f299ccb14118baf23f4547add36b
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
b8MmAEg580z51OKboaza__UhfOUMkBqwvSqq5I15ylPQZbTrZ3vqFA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=584182936&pcid=f152f299ccb14118baf23f4547add36b
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
mwarS9Tgeo7W1g057wvcHfA2xn8hM1bLhXph834gHur9soGgigbKNQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=648114579bd51&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3291825772889834000V10
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=3291825772889834000V10
43 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=3291825772889834000V10
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
dkywrG2SD4RplWDFMFahGyevsQqr3UqPCAoCALkI6IhzC3-ikXGQIQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=3291825772889834000V10
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
Z8FdBUzN8L-8ZIaSU_ZMTKVuZpigLnf21LfYQykwrfDi_1g47UFk9Q==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=Gx0oSQZHp0TGjVC4TkWPbU8_
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=396218182&pcid=Gx0oSQZHp0TGjVC4TkWPbU8_
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=396218182&pcid=Gx0oSQZHp0TGjVC4TkWPbU8_
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
He0EgZzGAg2zIOngJDJaHb8Ih02HxGO8IVudOb-dG-R_7Yj94UwEVg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=396218182&pcid=Gx0oSQZHp0TGjVC4TkWPbU8_
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
jp_g8v6FuweVQxz1nyzlCIGw2StR16IQVVd5nOfc7Dcd0ArYv3ozRA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=b65d11787bb3afeb3ca4e718893b75e2&gdpr_consent=&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=484859127&pcid=b65d11787bb3afeb3ca4e718893b75e2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=484859127&pcid=b65d11787bb3afeb3ca4e718893b75e2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
OKFG9z0T7hQa1zoocWIqGFkyeNZBRjQ2173uYG6E5PjO6fGO6F4LGA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=484859127&pcid=b65d11787bb3afeb3ca4e718893b75e2
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
d_m9X0ViyrUt_Qkc6v_vHT5LyYQ4xHsfr7Vo1tbl1yQB2botCqP59w==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=4c5a15c8-a747-4af0-8260-31dd96845137
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2136778551&pcid=4c5a15c8-a747-4af0-8260-31dd96845137
43 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2136778551&pcid=4c5a15c8-a747-4af0-8260-31dd96845137
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
b2JozlSyoeFBno8ZD3hShWALFIMjQG5bf26HuKUZkf2kmEmlSzSOzw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:16 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2136778551&pcid=4c5a15c8-a747-4af0-8260-31dd96845137
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
niObUdZmf9YRD94CfcYLtSPk__nqV12E6Q6gcsb59F4DtTU5GilcLQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=4686802647549585227
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1881119486&pcid=4686802647549585227
43 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1881119486&pcid=4686802647549585227
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
gc1RTko7eDLCiJo8dbdnVMuCNp7l5v8rwF9LJ4JwC8Uoz2PjC_9Kdw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1881119486&pcid=4686802647549585227
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
rUeym8VGvfkw6q2pS7Cmq3z80bLXIZkC0_z2VwfkxtghXAgJVASY0g==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 525D
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=143&advUuid=7694876445673813675
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1697769766&pcid=7694876445673813675
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1697769766&pcid=7694876445673813675
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
5Cekp4zpNR4Z70Xg6c_2uOhX03hAbjsQWX_N_muaSY-L9lebgyBt4g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1697769766&pcid=7694876445673813675
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
cSnzEw0F5nXx7MNVJb8uzMfMpMesAAe4Qk-EkHeOzDvdc9joc2V_2Q==
liveCS.php
live.primis.tech/live/ Frame 525D
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=%5B144%5D&advUuid=b7c7b499-4295-485e-b3a8-0341b95072ae&gdpr=0
0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=%5B144%5D&advUuid=b7c7b499-4295-485e-b3a8-0341b95072ae&gdpr=0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:16 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
cPbHCeYruHA6Ntwue5iEHuxt-qE56FONtG1RNJmiKUQ7lK1BJ4Yw4A==

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&advId=%5B144%5D&advUuid=b7c7b499-4295-485e-b3a8-0341b95072ae&gdpr=0
date
Wed, 07 Jun 2023 23:36:17 GMT
content-length
0
vid62548fcf4b57b123420659.jpg
video.primis.tech/uploads/cn23/video/users/converted/29267/video_5f2a756fed840275155721/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn23/video/users/converted/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.jpg?cbuster=1671349079
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
e22ffb359cda4efc6dddecbc7fd320b307dc1b889803353370a7c9a1b45ca4c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 49e125db4c2c85f71c59431ecd4b83a2.cloudfront.net (CloudFront), 1.1 94db66e0b13cce35d9db0c342571f976.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 20:37:12 GMT
server
nginx
x-amz-cf-pop
DFW56-P2, HKG62-C2
etag
"3d533ae3faade807059d11dfc97f46aa"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
22190
x-amz-cf-id
7QGjzqlwD4XOBbC0TMAwDEwshr0dNrZ_QvOLYuz3HU4GOHag3W-nLQ==
expires
Thu, 08 Jun 2023 23:36:17 GMT
perf
ch-trc-events.taboola.com/skimlinks-publishers/log/3/ 		0
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/skimlinks-publishers/log/3/perf?route=US%3ACH%3AV&lti=rbox-loader-clean-test_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
frame_content.js
resources.infolinks.com/js/1867.003-3.027/ Frame 1623 		2 KB
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1867.003-3.027/frame_content.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d323b8d8ed7665b86dfb228a3a47c0eb479dfec96f8bc0e89748495a305f2aae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:16 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 May 2023 10:54:53 GMT
server
cloudflare
age
13884
etag
W/"9e4-5fc5a379ed094"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7d3cb75e7afca826-SYD
expires
Fri, 07 Jul 2023 19:44:52 GMT
truncated
/ Frame 1623 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17b3b02978b6ee0a0686d0d344c8b1ae61167f5d33d177d3b0ac9034b96f08f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8062317f6f2f91e260868f04ff72ca4a157a0205e9d15d4a89ef6885ab85f313

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:36:01 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 07 Jun 2023 23:36:01 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
css
fonts.googleapis.com/ Frame 0153 		4 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.23.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f95.1e100.net
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Jun 2023 23:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 23:14:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Jun 2023 23:36:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 0153 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
6654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Jun 2023 21:45:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0153 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2cqjYBSBZN6vGYfL2gS5kLe4CrzD-f9w7_n505IRmIeO_9YIEAEg2tfFOWClgICAkAGgAaHAmPEoyAEJqQIXUxv-pc6CPuACAKgDAcgDywSqBPgBT9ARcyDaFppMEh5G0vfZx272I_3B2ENMoR3sW3ZIHRRbSbAnp9Zqboy2np8oXQ0njplAp5sNH2bSi9w_3O4BWxY1EPRM9WG0WthNkdbZlRKH2pMe-r-TfBA2GgNDQpBeoGe4HrdiIDheupNUpZ98ikXNo6NtMZJMyY9eVuia2ZVCrhvPKJT8vOVrAQkuBEOZ8sDT3gIR-t8Bj6DfJhMNWOKb5XIeaAaKkkAtP_iHbBP7TTzsv8amCWUs6yRHWO466V4yLIRFfm5b3xLKTNoswn-XGCVVy5zJ6DxuCLXp-hBIPUIkp6OVPWic3Kvt_BrlaVwMiIIW4hzABODh3NCwBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfcqeWSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD25RrSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi04MDYxOTQ2NDEzNTM3OTg0GLrIFw&sigh=EiZfWTjTJ-M&uach_m=[UACH]&cid=CAQSPABygQiD5nHhWnJM0RiMoujYmh5nZGbYqApSXByjcdv-dd-V67jrVDyIXhN3jP_b37wemx_pSRtt5dWROBgB&template_id=494
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/ Frame 0153 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/abg_lite_fy2021.js
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
cafe /
Resource Hash
0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:45:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
6652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8791
x-xss-protection
0
server
cafe
etag
14754480374493709716
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Jun 2023 21:45:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 0153 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/window_focus_fy2021.js
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
6661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Jun 2023 21:45:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8927 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
43186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 11:36:15 GMT
etag
48472445140208031
expires
Thu, 08 Jun 2023 11:36:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 0153 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
cafe /
Resource Hash
6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
6660
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7969
x-xss-protection
0
server
cafe
etag
12322974680428514663
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Jun 2023 21:45:02 GMT
l
www.google.com/ads/measurement/ Frame 0153 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQtlTLdD-AMJC6p3AunZVtk6_YvC53kXU5ZVN4cWffJMTpAzOOyRHWVapUdUuRCCfICI1MUE3yiazC4_ActKsJnXnXtQ
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0153 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.203.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f155.1e100.net
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:36:01 GMT
d955217a3c39fa1d48035534c1a62142.js
www.gstatic.com/mysidia/ Frame 0153 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f94.1e100.net
Software
sffe /
Resource Hash
a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 01:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13662
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 22:56:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 01:11:32 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 0153 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRFoRU-F3TDU92OjyAmYiskmdbgI7kM3zGZz5Xc4T4NUn-3Cr5UAmNIkO59Bg&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f139.1e100.net
Software
sffe /
Resource Hash
b73a648418381a7bf2109d898780e9b7bebb0556276a97cbb7b2faf33bd88cca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 16:15:34 GMT
x-content-type-options
nosniff
age
199228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19359
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 02:06:01 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 04 Jun 2024 16:15:34 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 0153 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRerPUVjy-xhmWbVmE8Ljr-46G519bGmTILdCn2NXdIWYx9ds0s5W8w6DOcvg&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.157.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ta-in-f102.1e100.net
Software
sffe /
Resource Hash
3fefd1d90e917e50ded65a353f957caaf3d0c4004032a5a74cb54330c8f0fb03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:02:39 GMT
x-content-type-options
nosniff
age
102803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28612
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 07:15:58 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 05 Jun 2024 19:02:39 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 0153 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT77TQLg0Eel8SdfoQUIIU4jRk8N76Iuwg1buwRqZAtI4CDxZy3T8KXujObJ6U&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.157.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ta-in-f102.1e100.net
Software
sffe /
Resource Hash
a04de327f0c9763d3a4000c84843a306d17209411f535fe50bdb616fcf7c0fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 05:17:49 GMT
x-content-type-options
nosniff
age
238693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28137
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 08:15:10 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 04 Jun 2024 05:17:49 GMT
13807221044435258780
tpc.googlesyndication.com/simgad/ Frame 0153
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13807221044435258780
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 11:47:02 GMT
x-content-type-options
nosniff
age
474541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:21:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Jun 2024 11:47:02 GMT

Redirect headers

date
Wed, 07 Jun 2023 13:31:18 GMT
x-content-type-options
nosniff
server
cafe
age
36284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/13807221044435258780
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 07 Jul 2023 13:31:18 GMT
css
fonts.googleapis.com/ Frame CAA0 		4 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.23.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f95.1e100.net
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Jun 2023 23:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 23:18:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Jun 2023 23:36:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame CAA0 		2 KB
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
6654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Jun 2023 21:45:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CAA0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3CDXYBSBZN-vGYfL2gS5kLe4CrzD-f9w7_n505IRue7wyKoBEAEg2tfFOWClgICAkAGgAaHAmPEoyAEJqQIXUxv-pc6CPuACAKgDAcgDywSqBPgBT9BrS5P8xJayuDpTFVNwyAYU6zLOemoTqk67iR_F9AypYP-FYOHPB2EyqoOib4H6NQeGqm_iaA8jYRNb3r0sYe8iNwC8lXWBW2pXbkTcXeO8THgvPHQpp-Sa19Izxu70bGAhiopkJQ7YCpird3LZaVhh7VzTaWmzAGCDa51u4tx8RiBH4mxNF3AKQEBCHkcsOirAKw2Ybhx91dvovlz_7zeIRM4282mEr2-BKPTAg1MUSDyGVld6LzFHGmAJ2Np3GsAwbDPsD20S9AKL162EXwc8dbjSuuqUcrITaKnuJThm7biDvVNwbtr6hOeFN0017uadeKl9ouHABODh3NCwBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfcqeWSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCCuxnSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi04MDYxOTQ2NDEzNTM3OTg0GLrIFw&sigh=kzd3JIc9_sU&uach_m=[UACH]&cid=CAQSPABygQiD5nHhWnJM0RiMoujYmh5nZGbYqApSXByjcdv-dd-V67jrVDyIXhN3jP_b37wemx_pSRtt5dWROBgB&template_id=494
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/ Frame CAA0 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/abg_lite_fy2021.js
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
cafe /
Resource Hash
0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:45:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
6652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8791
x-xss-protection
0
server
cafe
etag
14754480374493709716
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Jun 2023 21:45:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame CAA0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/window_focus_fy2021.js
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
6661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Jun 2023 21:45:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8DFA 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
43186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 11:36:15 GMT
etag
48472445140208031
expires
Thu, 08 Jun 2023 11:36:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame CAA0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
cafe /
Resource Hash
6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
6660
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7969
x-xss-protection
0
server
cafe
etag
12322974680428514663
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Jun 2023 21:45:02 GMT
l
www.google.com/ads/measurement/ Frame CAA0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJCnTFVeMLDZay9JY1wA1lDsY-nghf_5Xe0eSRizlEY_4qVuOTbJIE7AglgqW0-DbPc0NslUK4HDjBSkmMZC-C66se8g
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAA0 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.203.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f155.1e100.net
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:36:01 GMT
d955217a3c39fa1d48035534c1a62142.js
www.gstatic.com/mysidia/ Frame CAA0 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f94.1e100.net
Software
sffe /
Resource Hash
a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 01:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13662
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 22:56:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 01:11:32 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame CAA0 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRerPUVjy-xhmWbVmE8Ljr-46G519bGmTILdCn2NXdIWYx9ds0s5W8w6DOcvg&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.157.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ta-in-f102.1e100.net
Software
sffe /
Resource Hash
3fefd1d90e917e50ded65a353f957caaf3d0c4004032a5a74cb54330c8f0fb03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:02:39 GMT
x-content-type-options
nosniff
age
102803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28612
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 07:15:58 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 05 Jun 2024 19:02:39 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame CAA0 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQVg6rXcIB_m4LLB_SEpFNVK2S88vdngDDaXWfwtKoty-uQVOwJuWYQmzfU-Q&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f100.1e100.net
Software
sffe /
Resource Hash
83985e5a86d1aff0f10552f406ed13bc024bb32be3ae53afeca953cc4f8436b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 00:02:17 GMT
x-content-type-options
nosniff
age
344025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23674
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:27:58 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 03 Jun 2024 00:02:17 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame CAA0 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQOaAUR4S-MX45YBCiZZREcQGZIeGz-S_e8GuqEzDfla4yOFjhdtVu6D_s9UQ&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f139.1e100.net
Software
sffe /
Resource Hash
24ac4fb5d794709ca627c0d203be04a40e9748c3741a1166352da03dadf357db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:07:12 GMT
x-content-type-options
nosniff
age
437330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9497
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 01:08:14 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 01 Jun 2024 22:07:12 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame CAA0 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSCbyjXAoNQV09rZAS981VifWFe5yC24quxQu2H1vG0-qS0fRGUjuhpJAXQ4qY&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f139.1e100.net
Software
sffe /
Resource Hash
1b9b0824b3e8129287b1654c22a44a84231b5f9c0af2f629a34edc59ffa3cf47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:02 GMT
x-content-type-options
nosniff
last-modified
Sat, 01 Jul 2023 07:53:19 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17719
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 06 Jun 2024 23:36:02 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame CAA0 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ-W_b21Ig9SA2A5blSBliPVXrdmKzaJhSeSUkdFf8dm1_0zjqJvL1wSp6LXQ&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f139.1e100.net
Software
sffe /
Resource Hash
636f770fef14b2e16ad04545da1c9a975ce772225e9a391752938da85221c490
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 04:32:28 GMT
x-content-type-options
nosniff
age
500614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24796
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 12:29:18 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 01 Jun 2024 04:32:28 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame CAA0 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT77TQLg0Eel8SdfoQUIIU4jRk8N76Iuwg1buwRqZAtI4CDxZy3T8KXujObJ6U&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.157.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ta-in-f102.1e100.net
Software
sffe /
Resource Hash
a04de327f0c9763d3a4000c84843a306d17209411f535fe50bdb616fcf7c0fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 05:17:49 GMT
x-content-type-options
nosniff
age
238693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28137
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 08:15:10 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 04 Jun 2024 05:17:49 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame CAA0 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQpzPB1CArw0pPk4RCf9qtAdeT4yDYUwWmftNqllHKp48ZE7EfUICFlL_Aecg&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f101.1e100.net
Software
sffe /
Resource Hash
e461b281292f9c0a421c3773dbaa82d534a534de4c7b93ade129306f9aec625a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 19:31:23 GMT
x-content-type-options
nosniff
age
14679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28345
x-xss-protection
0
last-modified
Sat, 22 Apr 2023 04:50:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 06 Jun 2024 19:31:23 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame CAA0 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTag9vON6J3GGz3GLWiAGbU9osYsodIyrhJR2cnYiq3WFLKyxhALzJdii3soFM&usqp=CAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f139.1e100.net
Software
sffe /
Resource Hash
e1d7e170cc51717fbf416a2aace920766635d079bb0a31612dd3327f03271fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 16 Apr 2023 08:26:15 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36432
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 06 Jun 2024 23:36:02 GMT
13807221044435258780
tpc.googlesyndication.com/simgad/ Frame CAA0
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13807221044435258780
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 11:47:02 GMT
x-content-type-options
nosniff
age
474540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:21:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Jun 2024 11:47:02 GMT

Redirect headers

date
Wed, 07 Jun 2023 13:31:18 GMT
x-content-type-options
nosniff
server
cafe
age
36284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/13807221044435258780
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 07 Jul 2023 13:31:18 GMT
truncated
/ Frame 9524 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e51a422946d39c99edfbc932f58ad6a1fa613f32019e5620a980f05d82eff7cc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
7d3cb702cd61a95b-SYD
content-length
0
content-type
application/json
date
Wed, 07 Jun 2023 23:36:01 GMT
debug
rtd-nx-sv
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ 		27 B
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:36:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
7d3cb704d83ba95b-SYD
integrator.js
adservice.google.com.au/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.23.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		806 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=798598736179353&correlator=1678853765788472&eid=31075123&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=15184186%3A143457427%2Cthemarysuecom_skin&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&adks=2435532307&didk=2056009102&sfv=1-0-40&ris=2&rcs=1&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26floors_id%3D9c0a23%26floors_hour%3D23%26fs_placementName%3Dthemarysuecom_skin%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout&eri=1&cust_params=fs_session_id%3Deac238a2-c3cf-4012-b74f-202f249204cd%26fs_pageview_id%3D467c09e737c428e12e34396bcf246b30%26user-agent%3DChrome%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D168%26fs_clientservermask%3D02011313222223220122%26fs_testgroup%3Doptimised&sc=1&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&abxe=1&dt=1686180961701&lmt=1686180961&dlt=1686180944291&idt=13428&adxs=0&adys=109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.themarysue.com%2F&frm=20&vis=1&psz=1600x7869&msz=1600x0&fws=0&ohw=0&psts=ABHeCvgraOWho89YGWz0_Rh3guPdMz1pPrs7u4ptFoc14WJ_ERQHLby0zCn8R6ODyMFE_MBU3nCTiQ-KZCl6EbA%2CABHeCvicX7v1cJhNyfVWwi3vAlYu3-QLlvvOMBbxrjo2HS69zz9xW7dSzRXdqwQNZJMih9kn_wnZqkz22xLJ4JM&ga_vid=2003950130.1686180950&ga_sid=1686180954&ga_hid=552143194&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRiJp97BiTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiJp97BiTFIAFICCGQSGQoKcHViY2lkLm9yZxiJp97BiTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiafewYkxSABSAghkEhcKCHJ0YmhvdXNlGImn3sGJMUgAUgIIZBIUCgVvcGVueBiJp97BiTFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
cafe /
Resource Hash
fe5b2cfe6d89a7451bd795b5294b49ff42fbe6a1612910d9d71b2bbcd8022d04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
341
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8927
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESELAlUJ45waiNuS9-Ix_UReY&google_cver=1&google_push=ATf1kGNN0WIiOmlB94CjPQaQHrZWXWlK9sscsK53KbhOTkNJmfrrnLJtkwz2KvZQZoBnpVKrx8eEkd-kSdQGzrSl8EbzYDsZQcs
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGNN0WIiOmlB94CjPQaQHrZWXWlK9sscsK53KbhOTkNJmfrrnLJtkwz2KvZQZoBnpVKrx8eEkd-kSdQGzrSl8EbzYDsZQcs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGNN0WIiOmlB94CjPQaQHrZWXWlK9sscsK53KbhOTkNJmfrrnLJtkwz2KvZQZoBnpVKrx8eEkd-kSdQGzrSl8EbzYDsZQcs
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ATf1kGNN0WIiOmlB94CjPQaQHrZWXWlK9sscsK53KbhOTkNJmfrrnLJtkwz2KvZQZoBnpVKrx8eEkd-kSdQGzrSl8EbzYDsZQcs
Date
Wed, 07 Jun 2023 23:36:03 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8927
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEB272XXutDrvSs0C6FO3cvM&google_cver=1&google_push=ATf1kGP_wKunNtQbQKZgnnjrp1Ii9SD9L-COZLWCK-anChv3CoIBiwrhca0ogpfGFJ3FYnadVMmQxY2JR0TXWmUCzqrwfMA6cP0i
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDFFMzczNjA5NDE4RjIwQw==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDFFMzczNjA5NDE4RjIwQw==
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDFFMzczNjA5NDE4RjIwQw==
date
Wed, 07 Jun 2023 23:36:02 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 8927
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEPr1Fm_LKwtbPYSo0jrBCkc&google_cver=1&google_push=ATf1kGNZgWH74ZIpioupU6XpgS-AXk9UIyOCpL_YKg3qwww5RdZL1fGBle9hR9dWzF9lHZd2XXa1sjktX2mOg4SFauLAr4r_OM95
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Y29jVTZySWZEeEt1cGRqYVloU0JaQQ%3D%3D&google_push=ATf1kGNZgWH74ZIpioupU6XpgS-AXk9UIyOCpL_YKg3qwww5RdZL1fGBle9hR9dWzF9lHZd2XXa1sjktX2mOg...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Y29jVTZySWZEeEt1cGRqYVloU0JaQQ%3D%3D&google_push=ATf1kGNZgWH74ZIpioupU6XpgS-AXk9UIyOCpL_YKg3qwww5RdZL1fGBle9hR9dWzF9lHZd2XXa1sjktX2mOg4SFauLAr4r_OM95
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Y29jVTZySWZEeEt1cGRqYVloU0JaQQ%3D%3D&google_push=ATf1kGNZgWH74ZIpioupU6XpgS-AXk9UIyOCpL_YKg3qwww5RdZL1fGBle9hR9dWzF9lHZd2XXa1sjktX2mOg4SFauLAr4r_OM95
date
Wed, 07 Jun 2023 23:36:02 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 8927
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEO3yzFF3n02ZjWSo2idFeI4&google_cver=1&google_push=ATf1kGMD2s7Ci3_zLCOA-8LDg0V7bhoT23coIjUH61g44WUHtkl7JLQ2VOtbl_yXRPbmtOXfFkZpeXPcdP8-Bj9XUz7ldYwoAS6g
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGMD2s7Ci3_zLCOA-8LDg0V7bhoT23coIjUH61g44WUHtkl7JLQ2VOtbl_yXRPbmtOXfFkZpeXPcdP8-Bj9XUz7ldYwoAS6g&google_hm=NTRsTmEyMDE4QkREYTAwN0x...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGMD2s7Ci3_zLCOA-8LDg0V7bhoT23coIjUH61g44WUHtkl7JLQ2VOtbl_yXRPbmtOXfFkZpeXPcdP8-Bj9XUz7ldYwoAS6g&google_hm=NTRsTmEyMDE4QkREYTAwN0xLRTk
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Wed, 07 Jun 2023 23:36:02 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ATf1kGMD2s7Ci3_zLCOA-8LDg0V7bhoT23coIjUH61g44WUHtkl7JLQ2VOtbl_yXRPbmtOXfFkZpeXPcdP8-Bj9XUz7ldYwoAS6g&google_hm=NTRsTmEyMDE4QkREYTAwN0xLRTk
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame 8927
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBHIINvHO9AnzZeU0crr7Ig&google_cver=1&google_push=ATf1kGObytt7kYVCgJ_ZKOqZdrq6BMez8Q_bQyvOa5W6LHhll5uqv0ygVDrXmXm14Rjfmud21N0pRhnF0RUbICb1...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=a07f2109&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGObytt7kYVCgJ_ZKOqZdrq6BMez8Q_bQyvOa5W6LHhl...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=a07f2109&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGObytt7kYVCgJ_ZKOqZdrq6BMez8Q_bQyvOa5W6LHhll5uqv0ygVDrXmXm14Rjfmud21N0pRhnF0RUbICb1uM8Kkbn1GeL5
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 c67a090a0e09bb726997ec57a3515b9e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
HKG62-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=a07f2109&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGObytt7kYVCgJ_ZKOqZdrq6BMez8Q_bQyvOa5W6LHhll5uqv0ygVDrXmXm14Rjfmud21N0pRhnF0RUbICb1uM8Kkbn1GeL5
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
FRoaXaTaQY1O5PB6uIFy7iPoI6cGLKSwYKB_prcas25T-xzQldCrYA==
report
sync.teads.tv/um/ Frame 8927
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENXdxPzCxEmnRscx6iN342A&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NjRkY2ZmOWMtZDE2MS00YzdiLWExMTctZjI1ZjU5ZDlkOWY0&google_push=ATf1kGPJ9-HBDsMi5-vBQ-m01zsW497N4P9tEoI8-d20vQ6iD4wMKsQXTKRngh5LnofjM...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.73.13.34 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-13-34.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Wed, 07 Jun 2023 23:36:03 GMT
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8927
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMNbr_ECR...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMN...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&%%GOOGLE_PUSH_PAIR%%
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&%%GOOGLE_PUSH_PAIR%%
Date
Wed, 07 Jun 2023 23:36:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8927 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KrPK1EatlhpBSE6F00ZmT5YBpsYEyEi0pdSHCzMppZuByW5D6Rt-xA9Nqi_9s4uWKfjqbKPMI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 8DFA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGTGXpJ8yOUfUbjFIJOz5Sk&google_cver=1&google_push=ATf1kGNoGJlCnNOr967a7uB78IIfm8I7AXHhAYk9Oxp8CpFoGBTFSOq8g8sqsmRxEZurf6121gTyfXfFPgOqAKwS...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNoGJlCnNOr967a7uB78IIfm8I7AXHhAYk9Oxp8CpFoGBTFSOq8g8sqsmRxEZurf6121gTyfXfFPgOqAKwSUTn-U1gwrXg
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNoGJlCnNOr967a7uB78IIfm8I7AXHhAYk9Oxp8CpFoGBTFSOq8g8sqsmRxEZurf6121gTyfXfFPgOqAKwSUTn-U1gwrXg
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 07 Jun 2023 23:36:02 GMT
Server
MT3 933 7933424 master hkg-pixel-x2 config_version:"1021"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNoGJlCnNOr967a7uB78IIfm8I7AXHhAYk9Oxp8CpFoGBTFSOq8g8sqsmRxEZurf6121gTyfXfFPgOqAKwSUTn-U1gwrXg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Jun 2023 23:36:01 GMT
pixel
cm.g.doubleclick.net/ Frame 8DFA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGRkhBStl8fYlirpNbr9efw&google_cver=1&google_push=ATf1kGNI98QuXyehU3qW5bWCzzmKRKU-8ldYCThN7rkDznvUvozAccAbN6yezJHR4kkSdGDugfxGx1ddvIOFXcVfrZcAMLU...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNI98QuXyehU3qW5bWCzzmKRKU-8ldYCThN7rkDznvUvozAccAbN6yezJHR4kkSdGDugfxGx1ddvIOFXcVfrZcAMLU5xqCY&google_hm=eS1VbUtVam10RTJwR21zd1...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNI98QuXyehU3qW5bWCzzmKRKU-8ldYCThN7rkDznvUvozAccAbN6yezJHR4kkSdGDugfxGx1ddvIOFXcVfrZcAMLU5xqCY&google_hm=eS1VbUtVam10RTJwR21zd1RtcGtsaVRkWlRSb015cEJoan5B
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 07 Jun 2023 23:36:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNI98QuXyehU3qW5bWCzzmKRKU-8ldYCThN7rkDznvUvozAccAbN6yezJHR4kkSdGDugfxGx1ddvIOFXcVfrZcAMLU5xqCY&google_hm=eS1VbUtVam10RTJwR21zd1RtcGtsaVRkWlRSb015cEJoan5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8DFA
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEMo1s1RUvZsa-7sqVyedQ9g&google_cver=1&google_push=ATf1kGNMbYL7nX5HeuAKmz9cGPDg3ImROaiIHgTxMxs6QXY_Y2ind0NWxGx-CzSiXdlbzjdeRObRuWWY6ZZNmfD...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM4NzE2ODg2NTE&google_push=ATf1kGNMbYL7nX5HeuAKmz9cGPDg3ImROaiIHgTxMxs6QXY_Y2ind0NWxGx-CzSiXdlbzjdeRObRuWWY6ZZNmfDT-g_Dt...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM4NzE2ODg2NTE&google_push=ATf1kGNMbYL7nX5HeuAKmz9cGPDg3ImROaiIHgTxMxs6QXY_Y2ind0NWxGx-CzSiXdlbzjdeRObRuWWY6ZZNmfDT-g_DttcSLEAI
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTM4NzE2ODg2NTE&google_push=ATf1kGNMbYL7nX5HeuAKmz9cGPDg3ImROaiIHgTxMxs6QXY_Y2ind0NWxGx-CzSiXdlbzjdeRObRuWWY6ZZNmfDT-g_DttcSLEAI
Date
Wed, 07 Jun 2023 23:36:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8DFA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEA62_OG8TPskrXxCRRgJ5PM&google_cver=1&google_push=ATf1kGOtR-KPQcAmxAXAj1zOUGS54oiShoBwhiYipePhCAF9hiCJvAsOIswfmP_tOdmsK-h-WYJPduXuzV3ofG7ZW...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEA62_OG8TPskrXxCRRgJ5PM&google_cver=1&google_push=ATf1kGOtR-KPQcAmxAXAj1zOUGS54oiShoBwhiYipePhCAF9hiCJvAsOIswfmP_tOdmsK-h-WYJPduXuzV3...
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ATf1kGOtR-KPQcAmxAXAj1zOUGS54oiShoBwhiYipePhCAF9hiCJvAsOIswfmP_tOdmsK-h-WYJPduXuzV3ofG7ZWvgiwMuNnn6e&google_hm=TwZk9XeHR9GEaW...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ATf1kGOtR-KPQcAmxAXAj1zOUGS54oiShoBwhiYipePhCAF9hiCJvAsOIswfmP_tOdmsK-h-WYJPduXuzV3ofG7ZWvgiwMuNnn6e&google_hm=TwZk9XeHR9GEaWd9Tiabfg==
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ATf1kGOtR-KPQcAmxAXAj1zOUGS54oiShoBwhiYipePhCAF9hiCJvAsOIswfmP_tOdmsK-h-WYJPduXuzV3ofG7ZWvgiwMuNnn6e&google_hm=TwZk9XeHR9GEaWd9Tiabfg==
Date
Wed, 07 Jun 2023 23:36:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8DFA
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEHVwE7bQCHb5xLY2elWrmMY&google_cver=1&google_push=ATf1kGOjdsacsC_hydKtX2q-iJBue2MaC8YQMZWxk1lShu3oa4bJz1oxCEQ2L2pGOYLtNCTznFTHGl4mKTtlwp2i0VmEn8e4PURv
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGOjdsacsC_hydKtX2q-iJBue2MaC8YQMZWxk1lShu3oa4bJz1oxCEQ2L2pGOYLtNCTznFTHGl4mKTtlwp2i0VmEn8e4PURv&google_hm=7wPrO4zYz14XaX7XWHUYTA==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGOjdsacsC_hydKtX2q-iJBue2MaC8YQMZWxk1lShu3oa4bJz1oxCEQ2L2pGOYLtNCTznFTHGl4mKTtlwp2i0VmEn8e4PURv&google_hm=7wPrO4zYz14XaX7XWHUYTA==
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:02 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGOjdsacsC_hydKtX2q-iJBue2MaC8YQMZWxk1lShu3oa4bJz1oxCEQ2L2pGOYLtNCTznFTHGl4mKTtlwp2i0VmEn8e4PURv&google_hm=7wPrO4zYz14XaX7XWHUYTA==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
pixel
cm.g.doubleclick.net/ Frame 8DFA
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBHIINvHO9AnzZeU0crr7Ig&google_cver=1&google_push=ATf1kGNpNbvDfId0ZKZguH0GX8CddD32BiEusgc8VuuhaZgg7_tT8qoFFZAGFrriHd9KO2Y544wfX_CKyseK52b8...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=221b0855&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGNpNbvDfId0ZKZguH0GX8CddD32BiEusgc8VuuhaZgg...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=221b0855&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGNpNbvDfId0ZKZguH0GX8CddD32BiEusgc8VuuhaZgg7_tT8qoFFZAGFrriHd9KO2Y544wfX_CKyseK52b8BXLnoLF4ScMz
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 c67a090a0e09bb726997ec57a3515b9e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
HKG62-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=221b0855&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGNpNbvDfId0ZKZguH0GX8CddD32BiEusgc8VuuhaZgg7_tT8qoFFZAGFrriHd9KO2Y544wfX_CKyseK52b8BXLnoLF4ScMz
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
8aHA-eyyto78bee_reKBAn1PN0GES0v1fZ_JqiBE9DC7pwQF3qD5ag==
pixel
cm.g.doubleclick.net/ Frame 8DFA
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMNbr_ECR...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMN...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&%%GOOGLE_PUSH_PAIR%%
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4f0664f5-7787-47d1-8469-677d4e269b7e&%%GOOGLE_PUSH_PAIR%%
Date
Wed, 07 Jun 2023 23:36:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8DFA 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBkmAyMur1Gkx_XOvcQsTKMKfUfHZzvWovAzRGGfdV39sy7kV4l6WJ3J_KRvGLXMHr_8OOqQ
Requested by
Host: f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
URL: https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
setuid
s2s.t13.io/ Frame A7F6 		0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=b&uid=098beec8-9cc1-4599-9a91-f2750a37e07b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:01 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame A7F6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7398971242702350507&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7398971242702350507&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7398971242702350507&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame A7F6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=30556107-255e-7670-f11d-32608b6c22f6&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=30556107-255e-7670-f11d-32608b6c22f6&gdpr=0&gdpr_consent=
43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=30556107-255e-7670-f11d-32608b6c22f6&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=30556107-255e-7670-f11d-32608b6c22f6&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame A7F6
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZIEUXsCo8X4AACKnetcAAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZIEUXsCo8X4AACKnetcAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 07 Jun 2023 23:36:01 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.162","key":"ZIEUXsCo8X4AACKnetcAAAAA","privacy_sensitive":false,"uid":"ZIEUXsCo8X4AACKnetcAAAAA","upstream_id":"m-ad230"}
X-SO-Key
ZIEUXsCo8X4AACKnetcAAAAA
X-SO-Upstream-ID
m-ad230
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad230.dc4p.scaleout.jp
X-SO-UID
ZIEUXsCo8X4AACKnetcAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
66.203.112.162
X-SO-Cluster-ID
0
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZIEUXsCo8X4AACKnetcAAAAA
Cache-Control
private
X-SO-Ads-Time
2
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame A7F6
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeftSTT4Xl5Pks8AD7MOn2lKHM8AAAGImDekKA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeftSTT4Xl5Pks8AD7MOn2lKHM8AAAGImDekKA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 5b349d62daf165d04da9d3f5802bc61e.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeftSTT4Xl5Pks8AD7MOn2lKHM8AAAGImDekKA
cache-control
no-cache
content-length
0
x-amz-cf-id
vUpeKGwK9JErwYAPn6DIo8OIZeQk3hqY10J4U4zaYsd8Itt4pSzgbg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame A7F6 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWMzYWIyY2QtZWMyOS0yOGQ0LWU0ZmQtNjhkOTQxOGVlYzk2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A7F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJCwEWvCZmM-XcBLTPNiT6M&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJCwEWvCZmM-XcBLTPNiT6M&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJCwEWvCZmM-XcBLTPNiT6M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 07 Jun 2023 23:36:02 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8062317f6f2f91e260868f04ff72ca4a157a0205e9d15d4a89ef6885ab85f313

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:36:02 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
setuid
s2s.t13.io/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_si...
  • https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3haKaqqnn7qBvSfBmBEa&gdpr=&gdpr_consent=&us_privacy=1---
86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3haKaqqnn7qBvSfBmBEa&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3haKaqqnn7qBvSfBmBEa&gdpr=&gdpr_consent=&us_privacy=1---
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=themarysue.com&p=%2F&u=Bk6PxfBBtijSC_JcPD&d=themarysue.com&g=66987&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=8189&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.themarysue.com%2F&b=4833&t=fBnkJD1A_8ICVfMBHPMyIrBHgsMl&V=139&tz=0&sn=2&sv=DWO7GuDcqI2VCvA4tWBj30QnDmFtmC&sd=1&im=067b0fff&_
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.109.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-109-236.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:17 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
translator
hbopenbid.pubmatic.com/ Frame 525D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 07 Jun 2023 23:36:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
liveInternalSsp.php
live.primis.tech/live/ Frame 525D 		25 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveInternalSsp.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:02 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
D6q_pcx-XK4lXm723L6ZSDHDIuFupx5j_gO8zLi_-50L7qSgcW97ZQ==
hb-mm-multi
hb.minutemedia-prebid.com/ Frame 525D 		105 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.249.124.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-124-14.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
0eb9b1b5acb815d19f73c2983fe9d764d3df184aabd4be90271aa7c4d414f743

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Jun 2023 23:36:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.themarysue.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
PugMaster
image6.pubmatic.com/AdServer/ Frame C2C5 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73294023&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5f81683a6e71deb2fdab7899bae51d7d6a80990ce79732a91f188bc1e2226f81

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 07 Jun 2023 23:36:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.themarysue.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 09:40:23 GMT
x-content-type-options
nosniff
age
309340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jun 2024 09:40:23 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 07 Jun 2023 23:36:02 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8062317f6f2f91e260868f04ff72ca4a157a0205e9d15d4a89ef6885ab85f313

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:36:02 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
truncated
/ Frame 0153 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eef148f8a76811b9226ca7e1bb41ce62e6330cc7e47c019cbf4a2829bd95956

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CAA0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2492bcc7bae107dc5da3fc7321926478ddc8c529af9d39313b47ac3ff5cd0839

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 0153 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:01:38 GMT
x-content-type-options
nosniff
age
207265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jun 2024 14:01:38 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 0153 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 23:00:00 GMT
x-content-type-options
nosniff
age
261363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jun 2024 23:00:00 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame CAA0 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 14:01:38 GMT
x-content-type-options
nosniff
age
207265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jun 2024 14:01:38 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame CAA0 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 23:00:00 GMT
x-content-type-options
nosniff
age
261363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jun 2024 23:00:00 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 07 Jun 2023 23:36:03 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8062317f6f2f91e260868f04ff72ca4a157a0205e9d15d4a89ef6885ab85f313

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
async_usersync.html
acdn.adnxs.com/dmp/ Frame 06EE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
56255
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 07 Jun 2023 23:36:03 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 24 May 2023 07:58:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2421, 60067
X-Served-By
cache-lga13626-LGA, cache-bfi-krnt7300032-BFI
X-Timer
S1686180964.717869,VS0,VE0
sync
eb2.3lift.com/ Frame 91B8
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1---&
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
fa4fd81992bc3788f9d24635e6f2e94c55f04d0ed19a8fcb2c5a3729668927f5

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1114
content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 23:36:03 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 07 Jun 2023 23:36:03 GMT
location
/sync?us_privacy=1---&&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pbcas
ads.yieldmo.com/ Frame B1A9 		855 B
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.188.55 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-188-55.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
a705334a42da65a584f56fd798ca6857c5051ef26d47b47258ff307327352433

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
pragma
no-cache
vary
accept-encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6547 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45536
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 07 Jun 2023 23:36:03 GMT
expires
Thu, 08 Jun 2023 12:14:59 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
server-timing
ak_p; desc="1686180963092_390796573_64046139_9_338_331_0_255";dur=1
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E308 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
73
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d3cb70cf8e5a808-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 07 Jun 2023 23:36:03 GMT
expires
Thu, 08 Jun 2023 03:36:03 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 421A 		555 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8cf723039218f1b738bcc54f8afa08788c40c4a6ef6bd2db8fc309cac2dd42c5

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
360
content-type
text/html
date
Wed, 07 Jun 2023 23:36:03 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 7AAC 		281 B
640 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Jun 2023 23:36:03 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Server-Timing
ak_p; desc="1686180963427_1611772950_13934192_16_330_331_337_-";dur=1
Vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=themediagrid&bsw_custom_parameter=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=&gdpr_consent=&...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=3f87d1aa-e052-3f98-a62a-0e995c0a4a83&ssp=themediagrid&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=445&user_id=3f87d1aa-e052-3f98-a62a-0e995c0a4a83&ssp=themediagrid&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 23:36:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=445&user_id=3f87d1aa-e052-3f98-a62a-0e995c0a4a83&ssp=themediagrid&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e
date
Wed, 07 Jun 2023 23:36:19 GMT
connection
close
content-length
170
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
setuid
s2s.t13.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1731213324646008949
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1731213324646008949
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Date
Wed, 07 Jun 2023 23:36:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
66.203.112.162; 66.203.112.162; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4854ed1f-95ff-4c6a-8b38-0819e5bb6ebb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1731213324646008949
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pxd
dps.jp.cinarra.com/ Frame 421A 		95 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=56e7fc07-3b8b-8c3c-fb15-803418f09d08
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.50.162 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-50-162.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 23:36:04 GMT
Connection
keep-alive
Content-Length
95
Content-Type
image/png
a4920743-b5f2-e439-c0ca-2495743befbf
pr-bh.ybp.yahoo.com/sync/openx/ Frame 421A 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/a4920743-b5f2-e439-c0ca-2495743befbf?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.136.156 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-136-156.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame 421A 		0
0
dds
rtb.openx.net/sync/ Frame 421A
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=7wPrO4zYz14XaX7XWHUYTA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 421A 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:04 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
sd
jp-u.openx.net/w/1.0/ Frame 421A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=8aa96481-1462-4400-8d93-3f57fee2e878
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=8aa96481-1462-4400-8d93-3f57fee2e878
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 07 Jun 2023 23:36:03 GMT
Server
MT3 933 7933424 master hkg-pixel-x17 config_version:"1021"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=8aa96481-1462-4400-8d93-3f57fee2e878
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Jun 2023 23:36:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 67F3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 07 Jun 2023 23:36:03 GMT
Expires
Wed, 07 Jun 2023 23:36:02 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 968 d3e9700 master hkg hkg-pixel-x1 config_version:"1021"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame BE3B
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1976306192160214603
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1976306192160214603
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 07 Jun 2023 23:36:04 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1976306192160214603
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 1D18
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZIEUZAAQCTiUGABL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 07 Jun 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-kbfi7400027-BFI
x-timer
S1686180964.428944,VS0,VE69

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Wed, 07 Jun 2023 23:36:04 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZIEUZAAQCTiUGABL
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-kbfi7400027-BFI
x-timer
S1686180964.052603,VS0,VE71
Pug
simage2.pubmatic.com/AdServer/ Frame 93DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1731213324646008949&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1731213324646008949&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:24:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
aa2b3efe-9c78-4f45-92f5-3f6ca14ce7cb
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 07 Jun 2023 23:36:03 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1731213324646008949&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
66.203.112.162; 66.203.112.162; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame AFAA
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dXFIYnJxRmduc0U3IiNdanQnFTduJxUxdyd-efm_
42 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dXFIYnJxRmduc0U3IiNdanQnFTduJxUxdyd-efm_
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 07 Jun 2023 23:36:04 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dXFIYnJxRmduc0U3IiNdanQnFTduJxUxdyd-efm_
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
usersync.aspx
dis.criteo.com/dis/ Frame C04F 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 23:36:03 GMT
expires
Wed, 07 Jun 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
238738
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame D93B
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=10cwc1q2awmq
1 B
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=10cwc1q2awmq
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Wed, 07 Jun 2023 23:36:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=10cwc1q2awmq
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7CD7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 07 Jun 2023 23:36:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 507B
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2bebe3db9cfd47a8ac2b8aa57dfbc642
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2bebe3db9cfd47a8ac2b8aa57dfbc642
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Wed, 07 Jun 2023 23:36:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2bebe3db9cfd47a8ac2b8aa57dfbc642
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame 4E5C 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 07 Jun 2023 23:36:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 1489
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1btffw02l5x9
42 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1btffw02l5x9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Wed, 07 Jun 2023 23:36:04 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1btffw02l5x9
lws
222
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 0348 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 07 Jun 2023 23:36:04 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame C274
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cocU6rIfDxKupdjaYhSBZA
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cocU6rIfDxKupdjaYhSBZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cocU6rIfDxKupdjaYhSBZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pxd
dps.jp.cinarra.com/ Frame 05E3 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=65B55241-7913-40F1-9841-6178CE8D0BA2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.50.162 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-50-162.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Wed, 07 Jun 2023 23:36:04 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0DAE
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=11bd5a78-058c-11ee-88ea-707b7631d09d
42 B
267 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=11bd5a78-058c-11ee-88ea-707b7631d09d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 07 Jun 2023 23:36:05 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=11bd5a78-058c-11ee-88ea-707b7631d09d
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1b-delivery-2
i.match
s.tribalfusion.com/z/ Frame C782
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7d3cb7133dd1a980-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7d3cb7111b8ea980-SYD
content-type
text/html
date
Wed, 07 Jun 2023 23:36:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1116
cookiesync
core.iprom.net/ Frame 1DA2 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 07 Jun 2023 23:36:04 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-11144eee1ef6@version_1.553
X-core-time
0ms
X-server-arch
v2
141
match.deepintent.com/usersync/ Frame 16F0 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Wed, 07 Jun 2023 23:36:03 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame B600
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 23:36:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 07 Jun 2023 23:36:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 36FD
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=65B55241-7913-40F1-9841-6178CE8D0BA2
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1402230080&pcid=65B55241-7913-40F1-9841-6178CE8D0BA2
43 B
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1402230080&pcid=65B55241-7913-40F1-9841-6178CE8D0BA2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.192.18.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-66.hkg62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 07 Jun 2023 23:36:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 f2a8133584178fc004547ef003d97efc.cloudfront.net (CloudFront)
x-amz-cf-id
e47QkJCZnzcCaE7H4a7jagzMWAB8PFF809IyK0n_gxN8zQJF15Mb-A==
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront

Redirect headers

age
0
cache-control
no-store
content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 23:36:03 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1402230080&pcid=65B55241-7913-40F1-9841-6178CE8D0BA2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
x-amz-cf-id
8fy7-QEljniTJXbMWKn7hHmYQA8AKePCaI37VF55AFh59FuWgq6Egg==
x-amz-cf-pop
HKG54-C1
x-cache
Miss from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C2C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZbVSQXkTQPGYQWF4zo0Log%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:03 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=45536
server-timing
ak_p; desc="1686180963757_390796573_64046853_9_303_331_0_146";dur=1
accept-ranges
bytes
content-length
5554
expires
Thu, 08 Jun 2023 12:14:59 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame C2C5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=65B55241-7913-40F1-9841-6178CE8D0BA2
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=65B55241-7913-40F1-9841-6178CE8D0BA2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
qmap
sync.crwdcntrl.net/ Frame C2C5
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
3.0.235.178 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-235-178.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.2.124
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.26.152
content-length
0
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame C2C5 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame C2C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjVCNTUyNDEtNzkxMy00MEYxLTk4NDEtNjE3OENFOEQwQkEy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C2C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJR5m0TcmJTjhhmbbbWS22M&google_cver=1
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJR5m0TcmJTjhhmbbbWS22M&google_cver=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJR5m0TcmJTjhhmbbbWS22M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C2C5
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:6D58E35949B24D2789C3A33390EAEA17
42 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:6D58E35949B24D2789C3A33390EAEA17
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 07 Jun 2023 23:36:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:6D58E35949B24D2789C3A33390EAEA17
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 06 Jun 2023 23:36:04 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C2C5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
65B55241-7913-40F1-9841-6178CE8D0BA2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C2C5 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/65B55241-7913-40F1-9841-6178CE8D0BA2?gdpr=0&gdpr_consent=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.136.156 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-136-156.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame C2C5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=712bd63c-cb28-4d7d-ad31-63c1faf80437&expires=1&user_group=5&ssp=pubmatic&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 23:36:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 07 Jun 2023 23:36:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame C2C5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=65B55241-7913-40F1-9841-6178CE8D0BA2&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hBsZ5apE2uW6QcMG1SrokfRXfEDGq7E-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hBsZ5apE2uW6QcMG1SrokfRXfEDGq7E-~A&gdpr=0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hBsZ5apE2uW6QcMG1SrokfRXfEDGq7E-~A&gdpr=0
date
Wed, 07 Jun 2023 23:36:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame C2C5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7694876445673813675
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7694876445673813675
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7694876445673813675
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame C2C5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7398971242702350507&gdpr=0&gdpr_consent=&us_privacy=
1 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7398971242702350507&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 23:36:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7398971242702350507&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C2C5
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1ec747a0fe53209c&is_secure=true&networkId=17100&version=1&nuid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRmaAg88z8gNT5AVIAAAAAAA&expiration=1686267367&nuid=65B55241-7913-40F1-9841-6178CE8D0BA2&...
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRmaAg88z8gNT5AVIAAAAAAA&expiration=1686267367&nuid=65B55241-7913-40F1-9841-6178CE8D0BA2&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:24:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:07 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRmaAg88z8gNT5AVIAAAAAAA&expiration=1686267367&nuid=65B55241-7913-40F1-9841-6178CE8D0BA2&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C2C5
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1731213324646008949
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1731213324646008949
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 07 Jun 2023 23:36:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
66.203.112.162; 66.203.112.162; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
20725c22-e40c-4a2c-b1f3-429311dda843
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1731213324646008949
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
w_1280_00000.ts
video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/ 		750 KB
752 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/w_1280_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
e4652142ac6c845f6c2a46716340a3079411bdec085c9f942eefcb0c07d38c3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 1ad4f21710c30c86f0c2c6495ab30228.cloudfront.net (CloudFront), 1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-P2, HKG62-C2
x-cache
Miss from cloudfront
content-length
768356
last-modified
Tue, 12 Apr 2022 01:14:29 GMT
server
nginx
etag
"b138bec9410588d39bf39123de9dab2f"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
mNV6KLlGgCeovTsS7vsoM-xODC6kYLHx3BaoSRyrlVVkBKhH5Ei0MQ==
expires
Wed, 21 Jun 2023 23:36:03 GMT
ddafbad8-23ba-47f8-ab6e-56abbeb0cff2
https://www.themarysue.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.themarysue.com/ddafbad8-23ba-47f8-ab6e-56abbeb0cff2
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
xuid
eb2.3lift.com/ Frame 91B8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=58f19e0b-0c54-4c75-92e1-bfa769476430&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=58f19e0b-0c54-4c75-92e1-bfa769476430&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=58f19e0b-0c54-4c75-92e1-bfa769476430&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 91B8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk4MTM0NTQzOTkzNTk2NzY4NDM2Mg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 91B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMpRYQgpbe52BHSlDJuOtIw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMpRYQgpbe52BHSlDJuOtIw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMpRYQgpbe52BHSlDJuOtIw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 91B8
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk4MTM0NTQzOTkzNTk2NzY4NDM2Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk4MTM0NTQzOTkzNTk2NzY4NDM2Mg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H3
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk4MTM0NTQzOTkzNTk2NzY4NDM2Mg%3D%3D
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 91B8
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3981345439935967684362&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3981345439935967684362&dbredirect=true&gdpr=0&consent=&cookiesTest=true
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3981345439935967684362&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 895346196A7C46B3AB8786693D221D02 Ref B: SYD03EDGE0814 Ref C: 2023-06-07T23:36:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX9kplzZK16bA6pmlgr4w==

Redirect headers

date
Wed, 07 Jun 2023 23:36:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 90D7DC8ADF4C400982747276E585FF0B Ref B: SYD03EDGE0814 Ref C: 2023-06-07T23:36:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/setuid?partner=tripleliftdbredirect&tlUid=3981345439935967684362&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto
http/2
content-length
0
x-li-uuid
AAX9kplt16VeGQLsEpeNqg==
xuid
eb2.3lift.com/ Frame 91B8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3981345439935967684362&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a31de76f-be4b-49d5-bbc9-fdbcaeb58eb3&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=4f0664f5-7787-47d1-8469-677d4e269b7e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=4f0664f5-7787-47d1-8469-677d4e269b7e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 07 Jun 2023 23:36:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=4f0664f5-7787-47d1-8469-677d4e269b7e&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 07 Jun 2023 23:36:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 91B8 		42 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3981345439935967684362&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:03 GMT
last-modified
Tue, 06 Jun 2023 16:36:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B4BC383DC3A54863A38504AB53997741 Ref B: SYD03EDGE0817 Ref C: 2023-06-07T23:36:04Z
etag
"7b637fb9498d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 91B8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3981345439935967684362?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ynSJ6WRE2oRs2s_FLrqKUzo4_KV94raYwHIAJtr6mw--~A&dongle=0883
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ynSJ6WRE2oRs2s_FLrqKUzo4_KV94raYwHIAJtr6mw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 07 Jun 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ynSJ6WRE2oRs2s_FLrqKUzo4_KV94raYwHIAJtr6mw--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 91B8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=TEgykCnCr3EAGYbxX1zk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KRCWO6LLINXEG...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=TEgykCnCr3EAGYbxX1zk
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=TEgykCnCr3EAGYbxX1zk
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 07 Jun 2023 23:36:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:08 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=TEgykCnCr3EAGYbxX1zk
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 91B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1731213324646008949&dongle=4d58&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=1731213324646008949&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 07 Jun 2023 23:36:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Wed, 07 Jun 2023 23:36:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
66.203.112.162; 66.203.112.162; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
159d951f-d852-404c-b3a1-1b14aa3c1e27
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=1731213324646008949&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 07 Jun 2023 23:36:04 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8062317f6f2f91e260868f04ff72ca4a157a0205e9d15d4a89ef6885ab85f313

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:36:04 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
usync.js
eus.rubiconproject.com/ Frame 7AAC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9e60c758712370d1339592fdbc4596bb067a52cd5f0b91f2f9ff07a447dd6839

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 23:36:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jun 2023 02:02:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=8790
Connection
keep-alive
Server-Timing
ak_p; desc="1686180964109_1611772950_13934199_9_451_331_0_-";dur=1
Content-Length
10112
Expires
Thu, 08 Jun 2023 02:02:34 GMT
async_usersync
ib.adnxs.com/ Frame 06EE 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:04 GMT
AN-X-Request-Uuid
0ef280c0-a0f2-423c-a2f1-31fb493d7066
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
66.203.112.162; 66.203.112.162; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6ECD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45535
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 07 Jun 2023 23:36:04 GMT
expires
Thu, 08 Jun 2023 12:14:59 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
server-timing
ak_p; desc="1686180964116_390796573_64047218_8_307_331_0_255";dur=1
vary
Accept-Encoding
sync
ads.yieldmo.com/v000/ Frame B1A9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=1731213324646008949&pn_id=an
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=1731213324646008949&pn_id=an
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
18.142.188.55 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-188-55.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Wed, 07 Jun 2023 23:36:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
66.203.112.162; 66.203.112.162; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a8c69c86-21b9-49ef-be23-8528cec371c1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.yieldmo.com/v000/sync?userid=1731213324646008949&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame B1A9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1686180964980
  • https://ad.turn.com/r/cs?pid=45&rndcb=2329209091
  • https://sync.1rx.io/usersync/turn/7398971242702350507?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-af6c42ef-39ec-431c-b6ee-8b3073063f...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
43 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
18.142.188.55 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-188-55.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:07 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
date
Wed, 07 Jun 2023 23:36:07 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXaf6c42ef39ec431cb6ee8b3073063fee004
content-type
text/html
receive
pixel.tapad.com/idsync/ex/ Frame B1A9
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3haKaqqnn7qBvSfBmBEa
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=58f19e0b-0c54-4c75-92e1-bfa769476430&ttd_puid=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
sync
ads.yieldmo.com/v000/ Frame B1A9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3haKaqqnn7qBvSfBmBEa
  • https://ads.yieldmo.com/v000/sync?tdid=58f19e0b-0c54-4c75-92e1-bfa769476430
43 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=58f19e0b-0c54-4c75-92e1-bfa769476430
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
18.142.188.55 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-188-55.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=58f19e0b-0c54-4c75-92e1-bfa769476430
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
sync
ads.yieldmo.com/v000/ Frame B1A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDvLVLenCEaIvygX6csP0s4&google_cver=1
43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDvLVLenCEaIvygX6csP0s4&google_cver=1
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
18.142.188.55 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-188-55.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDvLVLenCEaIvygX6csP0s4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%...
  • https://sync.targeting.unrulymedia.com/csync/RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26...
  • https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
date
Wed, 07 Jun 2023 23:36:20 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXaf6c42ef39ec431cb6ee8b3073063fee004
content-type
text/html
setuid
px.ads.linkedin.com/ Frame 7AAC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMCLUXN-28-LG0C&gdpr=0&us_privacy=1---
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMCLUXN-28-LG0C&gdpr=0&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:05 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A3895F33BE7044A799AAC06877EBE83A Ref B: SYD03EDGE0814 Ref C: 2023-06-07T23:36:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX9kpmCytLpgIsiR1X5sA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMCLUXN-28-LG0C&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7AAC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/J5EJkw7dBIOOrOKRDbx5ZMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ScVtcJ1E2oLl8wUuFX0YYU2onaWweZoqu9KGaw--~A
42 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ScVtcJ1E2oLl8wUuFX0YYU2onaWweZoqu9KGaw--~A
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 07 Jun 2023 23:36:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ScVtcJ1E2oLl8wUuFX0YYU2onaWweZoqu9KGaw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 7AAC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=&expires=30
42 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7AAC
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MCb9UQY_RaSw9bm4gumMEg&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MCb9UQY_RaSw9bm4gumMEg&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MCb9UQY_RaSw9bm4gumMEg&gdpr=0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AXRESQM7TEBHZKYR6Y0N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MCb9UQY_RaSw9bm4gumMEg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7AAC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMyY2IxYmZlY2VlNjIwOTZiZWFmOGMyZWUwMzkwZGJjNjZkZTE0OQ&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMyY2IxYmZlY2VlNjIwOTZiZWFmOGMyZWUwMzkwZGJjNjZkZTE0OQ&gdpr=0&us_privacy=1---
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMyY2IxYmZlY2VlNjIwOTZiZWFmOGMyZWUwMzkwZGJjNjZkZTE0OQ&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7AAC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VRVIi6jURSWIiue_tLpH6w&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VRVIi6jURSWIiue_tLpH6w&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VRVIi6jURSWIiue_tLpH6w&gdpr=0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q5HQMWH4PNYYJ60Z17JK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VRVIi6jURSWIiue_tLpH6w&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7AAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFs4VAJzlo2Y4PTm4_Ee64w&google_cver=1
42 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFs4VAJzlo2Y4PTm4_Ee64w&google_cver=1
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFs4VAJzlo2Y4PTm4_Ee64w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7AAC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElNQ0xVWE4tMjgtTEcwQw==&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEAd03RJwXWR48iqMJIrg0eM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNQ0xVWE4tMjgtTEcwQw==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNQ0xVWE4tMjgtTEcwQw==&google_push=&gdpr=0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNQ0xVWE4tMjgtTEcwQw==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
envelope
lexicon.33across.com/v1/ Frame 525D 		0
0
prebid
id5-sync.com/api/config/ Frame 525D 		135 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 07 Jun 2023 23:36:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 525D 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Jun 2023 23:36:05 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
id
id.crwdcntrl.net/ Frame 525D 		152 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.138.231 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-138-231.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0200f94555b8f6f1f267dbe099845cf76703edfaa3be2d243e86b28ee5b8d84e

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.themarysue.com
cache-control
no-cache
x-server
10.42.25.46
access-control-allow-credentials
true
content-length
152
expires
0
rid
match.adsrvr.org/track/ Frame 525D 		108 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
3cc8113388165e2e9de5f3f654671d060e38b3e9664ce0e3b5462967e49e8f71

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Jun 2023 23:36:04 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 07 Jul 2023 23:36:04 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E5C6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45535
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 07 Jun 2023 23:36:04 GMT
expires
Thu, 08 Jun 2023 12:14:59 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
server-timing
ak_p; desc="1686180964776_390796573_64047852_12_355_339_0_255";dur=1
vary
Accept-Encoding
collect
v.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Wed, 07 Jun 2023 23:36:05 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 5121 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 15:08:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
289638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Jun 2024 15:08:47 GMT
021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
pagead2.googlesyndication.com/bg/ Frame 85FE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
sffe /
Resource Hash
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 15:08:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
289638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14684
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Jun 2024 15:08:47 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C2C5 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159196&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
ce.lijit.com/beacon/prebid-server/ Frame 318E
Redirect Chain
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
7f8089e9d4cc8559bfadd1795f5e809f1605333d3510e69ea78d6d218d09cac8

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
756
Content-Type
text/html
Date
Wed, 07 Jun 2023 23:36:06 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ord1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 07 Jun 2023 23:36:06 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8062317f6f2f91e260868f04ff72ca4a157a0205e9d15d4a89ef6885ab85f313

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:36:06 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
v1
lb.eu-1-id5-sync.com/lb/ Frame 525D 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
5ccccd60aaf75f80ee6b89018de71a08c58530ca0beda7d7895f0ba8d43d542f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 07 Jun 2023 23:36:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
w_1280_00001.ts
video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/ 		803 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/w_1280_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:06 GMT
via
1.1 55429f2d64d86ac51a104a1c84030e14.cloudfront.net (CloudFront), 1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C1, HKG62-C2
x-cache
Miss from cloudfront
content-length
904844
last-modified
Tue, 12 Apr 2022 01:14:29 GMT
server
nginx
etag
"b96840865d0c74ea206069cf2e97abef"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
zm9Q6V1LHoLsKlJiPEfh7a0aR116UpRBagfUaQvP2mmNn7FmA3Yw8g==
expires
Wed, 21 Jun 2023 23:36:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0153 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHf8PIuidtf2q0V_Yjte_0tHLtOXWSaXxQLy3nRgiYIREOZvi62kDP6QRs6YT3KmLS7x3CQNdmQI4yPUf2iUHSvaqWa3xfJVangpCw_uuItbPAUKaMZiOg4fjMAPmsdK3VSwTdavUlpw&sai=AMfl-YQ3vwK4j_38wQ7ej_0uUSpIFBr3_WiZ90HsA4Qi4PvjhMK82qRy0hXdVc4ZQKM1v1dVpa3APbrEWgKZM_wt1j6-dG-RmgBjzPTB69GmfJmEyEzPMbSpCkuD_40T&sig=Cg0ArKJSzFdOAtkMk8VtEAE&cid=CAQSPABygQiD5nHhWnJM0RiMoujYmh5nZGbYqApSXByjcdv-dd-V67jrVDyIXhN3jP_b37wemx_pSRtt5dWROBgB&id=lidar2&mcvt=1000&p=129,1025,429,1361&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4184723219&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686180961120&rpt=4157&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6547 		837 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65526799&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
51921e697ea16e4fd7897e059618589e8fddf9e809a6feed4e297f4a096d4d71

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 07 Jun 2023 23:36:06 GMT
content-length
837
content-type
text/html; charset=UTF-8
setuid
s2s.t13.io/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99&gdpr=&gdpr_consent=&redir=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553&partner_url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26gdpr%3D0...
  • https://s2s.t13.io/setuid?bidder=basis&gdpr=0&gdpr_consent=&us_privacy=&uid=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553
86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=basis&gdpr=0&gdpr_consent=&us_privacy=&uid=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

date
Wed, 07 Jun 2023 23:36:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://s2s.t13.io/setuid?bidder=basis&gdpr=0&gdpr_consent=&us_privacy=&uid=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
match
c1.adform.net/serving/cookie/ Frame 8874 		35 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 07 Jun 2023 23:36:06 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 86A6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DrvZez1X1Q72Hd5&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DrvZez1X1Q72Hd5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 07 Jun 2023 23:36:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 07 Jun 2023 23:36:07 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DrvZez1X1Q72Hd5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-778-gc59cb35#rel-ec2-master i-000c46b183365119d@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
merge
ce.lijit.com/ Frame 3FBE
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8594266546
  • https://sync.1rx.io/usersync/tradedesk/58f19e0b-0c54-4c75-92e1-bfa769476430
  • https://sync.targeting.unrulymedia.com/csync/RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
  • https://ce.lijit.com/merge?pid=97&3pid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Wed, 07 Jun 2023 23:36:07 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ord1

Redirect headers

content-type
text/html
date
Wed, 07 Jun 2023 23:36:07 GMT
etag
RXaf6c42ef39ec431cb6ee8b3073063fee004
location
https://ce.lijit.com/merge?pid=97&3pid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame 3153
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:6D58E35949B24D2789C3A33390EAEA17&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:6D58E35949B24D2789C3A33390EAEA17&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 23:36:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 07 Jun 2023 23:36:06 GMT
expires
Tue, 06 Jun 2023 23:36:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:6D58E35949B24D2789C3A33390EAEA17&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
458249.gif
idsync.rlcdn.com/ Frame 6547
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=65B55241-7913-40F1-9841-6178CE8D0BA2
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDY1QjU1MjQxLTc5MTMtNDBGMS05ODQxLTYxNzhDRThEMEJBMhAAGg0I56iEpAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=cb3ae32dc2a6e45de8e9fc37c347abc8b938b8ee11d012b070e3bfbf8576429b791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjYjNhZTMyZGMyYTZlNDVkZThlOWZjMzdjMzQ3YWJjOGI5MzhiOGVlMTFkMDEyYjA3MGUzYmZiZjg1NzY0MjliNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBjYjNhZTMyZGMyYTZlNDVkZThlOWZjMzdjMzQ3YWJjOGI5MzhiOGVlMTFkMDEyYjA3MGUzYmZiZjg1NzY0MjliNzkxNDI2YjU0MTdkY2UyMRAAGgwI6KiEpAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=eaf3497a-e89b-4704-bcd2-9e1feb432b91
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=eaf3497a-e89b-4704-bcd2-9e1feb432b91
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=eaf3497a-e89b-4704-bcd2-9e1feb432b91
date
Wed, 07 Jun 2023 23:36:09 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
setuid
s2s.t13.io/ Frame 318E 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=b&uid=Gx0oSQZHp0TGjVC4TkWPbU8_&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:06 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame 318E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 318E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AANsPk7JAikAACFAbFObtA&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AANsPk7JAikAACFAbFObtA&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:08 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AANsPk7JAikAACFAbFObtA&gdpr=0
Date
Wed, 07 Jun 2023 23:36:08 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 318E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1506031410
  • https://sync.1rx.io/usersync/tradedesk/58f19e0b-0c54-4c75-92e1-bfa769476430
  • https://sync.targeting.unrulymedia.com/csync/RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
  • https://ce.lijit.com/merge?pid=97&3pid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:08 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
date
Wed, 07 Jun 2023 23:36:07 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXaf6c42ef39ec431cb6ee8b3073063fee004
content-type
text/html
merge
ce.lijit.com/ Frame 318E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LIMCLUXN-28-LG0C&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LIMCLUXN-28-LG0C&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:09 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LIMCLUXN-28-LG0C&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
merge
ce.lijit.com/ Frame 318E
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:07 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=58f19e0b-0c54-4c75-92e1-bfa769476430&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
223
merge
ce.lijit.com/ Frame 318E
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LIMCLUXN-28-LG0C&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LIMCLUXN-28-LG0C&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:08 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LIMCLUXN-28-LG0C&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
merge
ce.lijit.com/ Frame 318E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=1731213324646008949&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=1731213324646008949&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:07 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Wed, 07 Jun 2023 23:36:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
66.203.112.162; 66.203.112.162; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
18f9cceb-1414-4258-910f-789c4a965143
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=1731213324646008949&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 49DC 		661 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a555823107bc6017c4e13df642b17ae7744314e6de998457d51242be5d742947

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
398
content-type
text/html
date
Wed, 07 Jun 2023 23:36:06 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5E41 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45533
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 07 Jun 2023 23:36:06 GMT
expires
Thu, 08 Jun 2023 12:14:59 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
server-timing
ak_p; desc="1686180966927_390796573_64049998_20_456_336_0_255";dur=1
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C3B3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45533
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 07 Jun 2023 23:36:06 GMT
expires
Thu, 08 Jun 2023 12:14:59 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
server-timing
ak_p; desc="1686180966927_390796573_64049999_14_337_336_0_255";dur=1
vary
Accept-Encoding
merge
ce.lijit.com/ Frame 49DC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=5cbbbfc7-cfea-4c7d-b6a1-84c6f3dd1da4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:07 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
redirect
match.rundsp.com/ Frame 49DC 		0
0
19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame 49DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame 49DC
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=uPD9hfEq1Q72He5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=uPD9hfEq1Q72He5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:07 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-778-gc59cb35#rel-ec2-master i-000c46b183365119d@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=uPD9hfEq1Q72He5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 49DC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIEUZAAQCTiUGABL
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIEUZAAQCTiUGABL
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-bfi-kbfi7400027-BFI
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1686180967.184124,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIEUZAAQCTiUGABL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame 49DC 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
jp-u.openx.net/w/1.0/ Frame 49DC
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=54lNa2018BDDa007LKE9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=54lNa2018BDDa007LKE9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:08 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Wed, 07 Jun 2023 23:36:08 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=54lNa2018BDDa007LKE9
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
212.json
id5-sync.com/g/v2/ Frame 525D 		600 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
d14b42d1554f1533617534ed5c4428f5a156d6601eb2f0ddfb9ca75a70243815
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Jun 2023 23:36:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
PugMaster
image6.pubmatic.com/AdServer/ Frame 6ECD 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62206748&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 07 Jun 2023 23:36:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
setuid
s2s.t13.io/ Frame B539 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=b&uid=65B55241-7913-40F1-9841-6178CE8D0BA2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Wed, 07 Jun 2023 23:36:07 GMT
expires
0
pragma
no-cache
via
1.1 google
chunklist_1280.m3u8
video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/ 		5 KB
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/chunklist_1280.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
884bdaf96274b018bf30d2c8229d58038b47fbd093c70014bd39471e11771978

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 ee71fcaa8d3fdbddee74740dbbf20dc2.cloudfront.net (CloudFront), 1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
IAH50-P2, HKG62-C2
age
5
x-cache
Hit from cloudfront
last-modified
Tue, 12 Apr 2022 01:14:29 GMT
server
nginx
etag
W/"7b163877d67774f0b7bae8b728e43ca3"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
x-amz-cf-id
SaU3RljHb4UguF_oc83c2xc9bHImVFFinvcjqGj6ax0hWQwieQCwvA==
expires
Thu, 08 Jun 2023 23:36:03 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6547 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
w_1280_00000.ts
video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/ 		750 KB
752 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/w_1280_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
e4652142ac6c845f6c2a46716340a3079411bdec085c9f942eefcb0c07d38c3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:03 GMT
via
1.1 1ad4f21710c30c86f0c2c6495ab30228.cloudfront.net (CloudFront), 1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-P2, HKG62-C2
age
5
x-cache
Hit from cloudfront
content-length
768356
last-modified
Tue, 12 Apr 2022 01:14:29 GMT
server
nginx
etag
"b138bec9410588d39bf39123de9dab2f"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
8OIdgkbl0qbx_K8TN1M38iwdJEOSgu8941JpwSYyfXjlmGJJgPlsaA==
expires
Wed, 21 Jun 2023 23:36:03 GMT
3ec9e1ad-e1d5-493a-93d9-e430ac304da0
https://www.themarysue.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.themarysue.com/3ec9e1ad-e1d5-493a-93d9-e430ac304da0
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
liveView.php
live.primis.tech/live/ 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY4NwE4MDx1NlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEjMwx1JaN0YT0jJat9MmAjJax9MTY5JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZmZGg2PSZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTYlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkNC4jLwU3MmUhMTA2JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NDtkMTQ1NmyvZDUkJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw04MDAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY4NwE4MDx2OTIjNlZ1nWQ9U2VenW5xo1NQoGF5ZXI2NDtkMTQ1ZDyvMzZuJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1cnXE=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
6b6MNtRnem062-CeX08VRrKO3vK_6nZeI0NGgyWMc5gAOThAXIoGmA==
w_1280_00001.ts
video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/ 		884 KB
885 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/w_1280_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
baf5b344817ef171fc66610b9c71234a846d1d6478f104d0e1c99648dc704732

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:06 GMT
via
1.1 55429f2d64d86ac51a104a1c84030e14.cloudfront.net (CloudFront), 1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C1, HKG62-C2
age
3
x-cache
Hit from cloudfront
content-length
904844
last-modified
Tue, 12 Apr 2022 01:14:29 GMT
server
nginx
etag
"b96840865d0c74ea206069cf2e97abef"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
LlZy8FHRirrWGIgVmlYApDzIIK-sc1F92hXik2X4dmLOn0A_M82iGQ==
expires
Wed, 21 Jun 2023 23:36:06 GMT
collect
v.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Wed, 07 Jun 2023 23:36:10 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
merge
ce.lijit.com/ Frame C135 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=65B55241-7913-40F1-9841-6178CE8D0BA2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Wed, 07 Jun 2023 23:36:10 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ord1
merge
ce.lijit.com/ Frame D40A 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=65B55241-7913-40F1-9841-6178CE8D0BA2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.175.41.15 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Wed, 07 Jun 2023 23:36:10 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ord1
w_1280_00002.ts
video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/ 		920 KB
922 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/w_1280_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
43e6486fb6fd2c4044bb2282bd4a64bb6d70754a96564a94a6937c0ca9f4c85c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:10 GMT
via
1.1 46e204a489342e831ee06d482c0e4bae.cloudfront.net (CloudFront), 1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, HKG62-C2
x-cache
Miss from cloudfront
content-length
941692
last-modified
Tue, 12 Apr 2022 01:14:29 GMT
server
nginx
etag
"aedd43f38718176007f3b665a99a36b7"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
Vp0H03x_JJWk2sBosfX_AV3fD7LWODYo9LSjhHDA5L8ti3gBW3xDDA==
expires
Wed, 21 Jun 2023 23:36:10 GMT
perf
ch-trc-events.taboola.com/skimlinks-publishers/log/3/ 		0
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/skimlinks-publishers/log/3/perf?route=US%3ACH%3AV&lti=rbox-loader-clean-test_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
w_1280_00003.ts
video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/ 		874 KB
876 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/w_1280_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
c4ff817554e681ecd03bebacdfbf468b2b9f551e75ac0d3dc95f4b813debcc87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:12 GMT
via
1.1 5d364edd2927236ece76b1ef58ec87da.cloudfront.net (CloudFront), 1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, HKG62-C2
x-cache
Miss from cloudfront
content-length
895444
last-modified
Tue, 12 Apr 2022 01:14:29 GMT
server
nginx
etag
"b6076a709682236e153215040f6151b0"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
zFgLVMCh-vplNn4pkVR-ioJwA5n1yBag-lPAAvqTAFNQPAXmuAKimg==
expires
Wed, 21 Jun 2023 23:36:12 GMT
/
pips.taboola.com/ 		4 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bfi-krnt7300029-BFI
date
Wed, 07 Jun 2023 23:36:13 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.themarysue.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
w_1280_00004.ts
video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/ 		789 KB
791 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/w_1280_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
2d3954c57cf0a57df9be762e14392c00928723fe3f09d90474869dc6a557170b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:13 GMT
via
1.1 c05b92533bb05b06cb6ce1b3ba4ff604.cloudfront.net (CloudFront), 1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, HKG62-C2
x-cache
Miss from cloudfront
content-length
808400
last-modified
Tue, 12 Apr 2022 01:14:29 GMT
server
nginx
etag
"2b01ef36237f757e0e017c66ebbb5fb5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
ph9BZkXcLref80DDxRycvbHj5u4d6FjLbn7AB5p91s1h0QNHtGNGgA==
expires
Wed, 21 Jun 2023 23:36:13 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 07 Jun 2023 23:36:14 GMT
cache-control
no-store
server
nginx
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.49 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:24:10 GMT
content-encoding
gzip
via
1.1 0cfddac687b0e42e0853cfa412519154.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG54-C1
age
731
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
7o9hniNrxyzBU5BTS2VCOnkpOECYNqbhBw8c53ot1afhs4KnbOVGwA==
esp
oajs.openx.net/ 		85 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.themarysue.com%2F&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.107.143 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
847c0e8023ee775b9b8c37696a6142eefd845e85ed79b3e8792488428918fb7d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:15 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-oU4aIHARHWqc7E5Ai0T+/7oD/Lk"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
increment
id5-sync.com/api/esp/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 07 Jun 2023 23:36:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
encrypt
esp.rtbhouse.com/ 		221 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
6098eddfb09532d928ec2db39825491011b6962805ab11bfc71efbc82a00a0ad

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:36:16 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
507fb9207dc8ff5928867dc3076825da
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 07 Jun 2023 23:36:16 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
82f0c1d81e7df1f96276120454252b3f
w_1280_00005.ts
video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/ 		688 KB
689 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn23/video/users/hls/29267/video_5f2a756fed840275155721/vid62548fcf4b57b123420659.mp4/w_1280_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-43.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
0023fe796f876b200853150cea24da176e1c678bace4f57f2b6441f1a48b9a01

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:15 GMT
via
1.1 c9fc8eca0b2b3a083a77fd1cf662c1a8.cloudfront.net (CloudFront), 1.1 1a70506ef88d5d28a7d133d7ccac4682.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, HKG62-C2
x-cache
Miss from cloudfront
content-length
704436
last-modified
Tue, 12 Apr 2022 01:14:29 GMT
server
nginx
etag
"8cd58f98ee0e4987e310234cd870c1bf"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
om8KlFiEI4y4zmpkIVeB3g2NfVUpVb7DScMIIrLAaiL2s5srE6QK3w==
expires
Wed, 21 Jun 2023 23:36:15 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 2902 		449 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ccd86a7f3034f6800e6ff69b4a3fb5d625b12eefdb5e86b9bbfc19348ffb3e57

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
305
content-type
text/html
date
Wed, 07 Jun 2023 23:36:15 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
syncframe
gum.criteo.com/ Frame 4C1E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.themarysue.com&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 23:36:16 GMT
server
Kestrel
server-processing-duration-in-ticks
1399377
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 525D 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.153.155 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 03:11:25 GMT
x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 e74ae1ee8d87215b42aa8a1c59137a48.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG54-C1
age
73492
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
eI7-RDJnht2RKDBtzjaS5qDEBmPI_eqixSpBVravfZVMqEb7zPi_5g==
sd
us-u.openx.net/w/1.0/ Frame 2902
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=4f0664f5-7787-47d1-8469-677d4e269b7e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=4f0664f5-7787-47d1-8469-677d4e269b7e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9eef2c2f-4801-45e2-8444-5fa52f09b984&user_group=1&ssp=openx&bsw_param=4f0664f5-7787-47d1-8469-677d4e269b7e
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=4f0664f5-7787-47d1-8469-677d4e269b7e&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 07 Jun 2023 23:36:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
apsoutheast-match.deepintent.com/usersync/108/ Frame 2902 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apsoutheast-match.deepintent.com/usersync/108/
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:15 GMT
content-length
0
server
b
sd
us-u.openx.net/w/1.0/ Frame 2902
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=2c879f5fa215228d&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALenmBkdIgyQM2WdfIAAAAAAA&expiration=1686267376&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALenmBkdIgyQM2WdfIAAAAAAA&expiration=1686267376&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALenmBkdIgyQM2WdfIAAAAAAA&expiration=1686267376&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame 2902 		0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=1e91e28e-fd34-4c39-a23a-f36a1ccfd69f
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame 2902
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=6D58E35949B24D2789C3A33390EAEA17
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=6D58E35949B24D2789C3A33390EAEA17
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 07 Jun 2023 23:36:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=6D58E35949B24D2789C3A33390EAEA17
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 06 Jun 2023 23:36:16 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-176eb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Jun 2023 23:36:17 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.themarysue.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.153.155 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
e3f5130c846dd2b8362310a320f23c7f7969ac5cc50143e5d39ec4355a498597

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:15 GMT
via
1.1 000be6a6f55d3278e3e48047baa61246.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HKG54-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1037
x-amz-cf-id
aBbBjVRlLvDoygr6OSQXkLgZNWhF4UYJcqwg4YShdC6AQON26b4p2w==
bid
aax.amazon-adsystem.com/e/dtb/ 		732 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.themarysue.com%2F&pid=KHsk6mV3Pozvo&cb=0&ws=1600x1200&v=23.517.1921&t=1000&slots=%5B%7B%22sd%22%3A%22themarysuecom_sticky_footer%22%2C%22s%22%3A%5B%221x1%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C143457427%2Fthemarysuecom_sticky_footer%22%7D%5D&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.87.112 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
7c5f155e922a4d87965c4fe27e22d49eaf27db97becc7fbce288fd01390c651e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:17 GMT
via
1.1 94db66e0b13cce35d9db0c342571f976.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
732
x-amz-cf-id
l2oXS-CHgFw2g4U8_63qCREs8O7fd_8lDYvu-FBcNYrlS-902PkQqA==
bid
aax.amazon-adsystem.com/e/dtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.themarysue.com%2F&pid=KHsk6mV3Pozvo&cb=1&ws=1600x1200&v=23.517.1921&t=1000&slots=%5B%7B%22sd%22%3A%22themarysuecom_right_sidebar_atf_sticky%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F15184186%2C143457427%2Fthemarysuecom_right_sidebar_atf_sticky%22%7D%2C%7B%22sd%22%3A%22themarysuecom_right_sidebar_btf_sticky_2%22%2C%22s%22%3A%5B%22120x200%22%2C%22200x200%22%2C%22300x200%22%2C%22250x250%22%2C%22300x250%22%2C%22336x280%22%2C%22300x300%22%2C%22300x333%22%2C%22250x360%22%2C%22120x400%22%2C%22240x400%22%2C%22300x400%22%2C%22300x420%22%2C%22120x600%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C143457427%2Fthemarysuecom_right_sidebar_btf_sticky%22%7D%2C%7B%22sd%22%3A%22themarysuecom_right_sidebar_btf_sticky_3%22%2C%22s%22%3A%5B%22120x200%22%2C%22200x200%22%2C%22300x200%22%2C%22250x250%22%2C%22300x250%22%2C%22336x280%22%2C%22300x300%22%2C%22300x333%22%2C%22250x360%22%2C%22120x400%22%2C%22240x400%22%2C%22300x400%22%2C%22300x420%22%2C%22120x600%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C143457427%2Fthemarysuecom_right_sidebar_btf_sticky%22%7D%5D&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.87.112 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
b8dd39c40d4ea73bbd62534ea9d62f841178a98fdcdc2414054aefc6eedb0671

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:16 GMT
via
1.1 94db66e0b13cce35d9db0c342571f976.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HKG62-C2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1501
x-amz-cf-id
dV5z_8wW0DMlBFgSeNqFjWsnZN5s7J9Be8m-jOe757bcbzpfXSIK1g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.153.155 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 03:11:25 GMT
x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 e74ae1ee8d87215b42aa8a1c59137a48.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG54-C1
age
73492
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PhPezTiecBqJWp53T0GJdABJrkt11HyY2zNQ1z4MP-9DtccHZEfgpw==
collect
v.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.themarysue.com
Date
Wed, 07 Jun 2023 23:36:16 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
ice.js
resources.infolinks.com/js/1867.003-3.027/ 		186 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1867.003-3.027/ice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d640c052242a5bc13404627dd9d603d7b416a519eff053c2d00613ad85362e0c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:19 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 May 2023 10:54:53 GMT
server
cloudflare
age
11795
etag
W/"2e87a-5fc5a379ec0f4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7d3cb7701f3fa826-SYD
expires
Fri, 07 Jul 2023 20:19:44 GMT
frame_inplace.js
resources.infolinks.com/js/1867.003-3.027/ Frame 1623 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1867.003-3.027/frame_inplace.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d85ed824caa2d8cae5f67a7a53e65307cde09a44f5b971b16446a159ae2dc3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:19 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 May 2023 10:54:53 GMT
server
cloudflare
age
9110
etag
W/"b77-5fc5a379ed47c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7d3cb770afd0a826-SYD
expires
Fri, 07 Jul 2023 21:04:29 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/ Frame 9524 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
61ee6ba688bebe173692917d9474e35c90079186a0d8c46378d90a9df922b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120640
x-xss-protection
0
server
cafe
etag
15464024940563367107
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:36:19 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.96.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 07 Jun 2023 23:36:17 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.140.104 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:20 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
server-timing
ak_p; desc="1686180980498_1611772956_42055195_13_339_339_397_146";dur=1
accept-ranges
bytes
content-length
17407
expires
Wed, 07 Jun 2023 23:51:20 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
TSR0DAQ1A6502G6K
age
182
etag
W/"bd84c027369eea0cf742a8ca6f03b75c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d3cb7758d3aab0b-SYD
x-amz-id-2
XCgDZNsx2NsdOMCcCmNW8njQIiDROw7U55jfiKcmn12a/4Oemf2fcGs5JXIDlvy4g/xypEzaYIM=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.96.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 07 Jun 2023 23:36:18 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
json
gum.criteo.com/sid/ Frame 4C1E 		441 B
553 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=themarysue.com&sn=ChromeSyncframe&so=3&topUrl=www.themarysue.com&bundle=D51u4V9SZ2tSSSUyQlRxd1RRUDkwNVIlMkZlN05waVloRDduc0c5ZXNENkN2VDg4SkNKdVlybm1QenV6NWtLN01jJTJGM3ZkWTZmTldYdnhLQmpUa2Z3MEVHOUZIaCUyRmI3NjBhVmZ2NlpzQmlSbWFxWjdZOHJ5TjN4M2Z1UzdnZ1UwSlolMkYxNDdHVVM&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.themarysue.com&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2ced95a0c01b2b2aaecf85d4b87f4889d2fa7dfba19529f2ab1e3a595baa6615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.themarysue.com&gdpr=0&gdpr_consent=&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1046306
expires
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=themarysue.com&p=%2F&u=Bk6PxfBBtijSC_JcPD&d=themarysue.com&g=66987&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.5&x=0&m=0&y=8189&o=1600&w=1200&j=45&R=0&W=0&I=1&E=5&e=0&r=&PA=https%3A%2F%2Fwww.themarysue.com%2F&b=4833&t=fBnkJD1A_8ICVfMBHPMyIrBHgsMl&V=139&tz=0&sn=3&sv=DWO7GuDcqI2VCvA4tWBj30QnDmFtmC&sd=1&im=067b0fff&_
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.109.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-109-236.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
liveView.php
live.primis.tech/live/ 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY4NwE4MDx1NlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEjMwx1JaN0YT0jJat9MmAjJax9MTY5JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZmZGg2PSZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTYlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkNC4jLwU3MmUhMTA2JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NDtkMTQ1NmyvZDUkJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw04MDAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY4NwE4MDx3NmIjNlZ1nWQ9U2VenW5xo1NQoGF5ZXI2NDtkMTQ1ZDyvMzZuJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50nGVgYXJ5p3VyLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1cnXE=
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-7.hkg54.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
content-encoding
gzip
via
1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG54-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
v80hqHArAi1YUZeSZK3UL-uXtV_vFk4smunwPP8qY9PJTVfdnzZjOA==
iu3
s.amazon-adsystem.com/ Frame 9CBE 		375 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
45985eaab0c2d85583037e7a36179979093d58837c387191f70df57eeb0f4436
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
375
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 07 Jun 2023 23:36:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JAZYXA314BCSZ09YJFDN
pr
s.amazon-adsystem.com/v3/ Frame 502B 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
837991c3f4e1d70598da8342bc7c977d8c51b7312986911c52ab17168d9c6978
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3178
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 07 Jun 2023 23:36:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
B46PXS5KXNNBJS3ZS1BH
ecm3
s.amazon-adsystem.com/ Frame 502B
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4f0664f5-7787-47d1-8469-677d4e269b7e
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4f0664f5-7787-47d1-8469-677d4e269b7e
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3GF5ESZT3JGDGXTG3PZA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=4f0664f5-7787-47d1-8469-677d4e269b7e
Date
Wed, 07 Jun 2023 23:36:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 502B
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AZ2BNRFFJ1ZM9HFJEA8G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3&gdpr=0
date
Wed, 07 Jun 2023 23:36:20 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 502B
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3291825772889834000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3291825772889834000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4WBYX3F3JY394GRKVHVQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:19 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3291825772889834000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Server-Timing
ak_p; desc="1686180979477_387980639_71415813_10_239_331_0_-";dur=1
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 07 Jun 2023 23:36:19 GMT
ecm3
s.amazon-adsystem.com/ Frame 502B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=AANsPk7JAikAACFAbFObtA&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AANsPk7JAikAACFAbFObtA&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JYA6RCP7HS9M6733YVMF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AANsPk7JAikAACFAbFObtA&ex=beeswax.com
Date
Wed, 07 Jun 2023 23:36:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 502B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=TEgykCnCr3EAGYbxX1zk&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=TEgykCnCr3EAGYbxX1zk&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R0HTKW96RMHJX2ZDPMA8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=TEgykCnCr3EAGYbxX1zk&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4BA0 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
4d8b2734636064d1da77981f467e1130e72b6da8ae9b0321c164eb2931c93bf8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1767
Content-Type
text/html
Date
Wed, 07 Jun 2023 23:36:20 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cm
u.openx.net/w/1.0/ Frame 400C 		589 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b9d5bc0cac630a6709cbd15b428c473e70c841e3a8f153fe56ad5bf8e44f089c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
386
content-type
text/html
date
Wed, 07 Jun 2023 23:36:19 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 0962
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-7aebbdsga1nctBFnyOEudPyYGURARFSJurc0GDAI2Q
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B3A7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45520
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 07 Jun 2023 23:36:19 GMT
expires
Thu, 08 Jun 2023 12:14:59 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
server-timing
ak_p; desc="1686180979489_390796573_64064952_13_332_333_0_255";dur=1
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame E6D5 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.214.108 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
587e445d456151f894f68dfdfebe48658a830033aeed3c33aa2ed32c802add0e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 07 Jun 2023 23:36:20 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 4193 		281 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Jun 2023 23:36:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Server-Timing
ak_p; desc="1686180979491_1611772950_13936399_7_332_331_0_-";dur=1
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 8B1D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=1731213324646008949&ex=appnexus.com&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=1731213324646008949&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 07 Jun 2023 23:36:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2EKT9WJ2S71VRGDNSTRF

Redirect headers

AN-X-Request-Uuid
832987ff-b215-4eb6-a4ce-fc37baa5c61e
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 07 Jun 2023 23:36:19 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=1731213324646008949&ex=appnexus.com&gdpr=0
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
66.203.112.162; 66.203.112.162; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame 1598
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3981345439935967684362
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3981345439935967684362
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_pm-db5_ym_rbd_an-db5_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 07 Jun 2023 23:36:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
4094GXQYWW9G2E0BB546

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 07 Jun 2023 23:36:19 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3981345439935967684362
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8062317f6f2f91e260868f04ff72ca4a157a0205e9d15d4a89ef6885ab85f313

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Jun 2023 23:36:19 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.themarysue.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.themarysue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.themarysue.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 07 Jun 2023 23:36:19 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
manage
router.infolinks.com/usync/ Frame 7327 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcd9204a747a9511c39523465ce83fec9493969ccf85ff9bbe08135a8f13610

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
7d3cb7729a10a826-SYD
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 07 Jun 2023 23:36:19 GMT
p3p
CP="NON DSP NID OUR COR"
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		283 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8173b15a0f6219d6cf1a08f275371486a000fdecaff281eff56775acbadd7d4c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:20 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript;charset=ISO-8859-1
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
7d3cb776cf34a826-SYD
gsd
router.infolinks.com/ 		315 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3197718&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&jsv=1867.003-3.027&_cb=16861809795340
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd1afe48badcdaa4aa7fd4d677fe66d7707de0f893cc21f060364f8f783ebda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
7d3cb77aebeea826-SYD
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1623 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3NnfIouVNj6AKkPsos2Mgwo92m_879utKzNO3hi7HQknzz6gwRLMDdRHfp13NSrZP0uLRoxttQxXXFe7C1jJBdUlO9tt1sJ3mMiVOF2AVIE-vDu3DxH-RW6uP25iuu3P94dfhP87qoQiLs7L6cDtP3ttEO40DGmjXJsa1lvbK3pXaRl3t6_iJnkRqKuFRSBS9MwXIZawDR74CeCH64unqof10qJujr6ssD7cGa5LfuFZprdsOPom9T32vHwzg5PX6EWIQ_zDGPOpgWQiQIsQ2veBkd8jk-ZordDpglg7gqiRTd9Et-Lu3HekXxIbroaMBE3wXoIaKmw2Wg3KqhZfcZ9bUDMaqXv-06A&sai=AMfl-YTu-PnxxVtKxytlxPfXbnM5sdQbM5MAZYTj6lhpYziZg5u8WRkrme-aXVyOnpnIlmC-hq7grxJpaIKmaJkKG518-pzo64KUwxK8Xiboya1oa9MWkL4gyMCGV0RrSb4&sig=Cg0ArKJSzCWULFa2LvDFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 07 Jun 2023 23:36:19 GMT
ecm3
s.amazon-adsystem.com/ Frame 400C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=68831d7a-39f4-cd8a-3113-b0f7e35fe916
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QNB6BB91YH4N0ZZZ1Z30
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openxjp
e-jp.cmcd1.com/usersync/ Frame 400C 		0
0
sd
us-u.openx.net/w/1.0/ Frame 400C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qdljka7ZbZSy227E_ot2maiPPsSyjz7Cq496QeCt
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qdljka7ZbZSy227E_ot2maiPPsSyjz7Cq496QeCt
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qdljka7ZbZSy227E_ot2maiPPsSyjz7Cq496QeCt
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
c.html
j.mrpdata.net/ Frame 400C
Redirect Chain
  • https://j.mrpdata.net/c.html?ex=OpenX
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Server
52.59.86.212 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

location
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
pragma
no-cache
cache-control
no-cache
x-deviceid
e73d4292-9124-f870-3829-c974ee570cb1
x-backend
dmc_hitServer_4_d@j4mrpdatanet
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 400C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:19 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sd
eu-u.openx.net/w/1.0/ Frame 400C
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3
date
Wed, 07 Jun 2023 23:36:20 GMT
server
_
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4193 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9e60c758712370d1339592fdbc4596bb067a52cd5f0b91f2f9ff07a447dd6839

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 23:36:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jun 2023 02:02:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=8775
Connection
keep-alive
Server-Timing
ak_p; desc="1686180979826_1611772950_14034250_16_463_331_0_-";dur=1
Content-Length
10112
Expires
Thu, 08 Jun 2023 02:02:34 GMT
ecm3
s.amazon-adsystem.com/ Frame BCC0 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID65B55241-7913-40F1-9841-6178CE8D0BA2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 07 Jun 2023 23:36:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZMR6N1ZP48ACE198F08S
/
hde.tynt.com/deb/ Frame 3307
Redirect Chain
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
  • https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3428115ed91c7b00cb2556fe74795d845888f8d062a8ef09ed91eec8fe53fa1

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2016
content-type
text/html
date
Wed, 07 Jun 2023 23:36:20 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 07 Jun 2023 23:36:20 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
usermatch
ssum-sec.casalemedia.com/ Frame 68C6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
10b47b8eeca38f6f6bf0c112214328af5dfd8eba80267eb67752309e1ea538f9

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1782
Content-Type
text/html
Date
Wed, 07 Jun 2023 23:36:20 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
onetag-sys.com/usync/ Frame EA40 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
03abfd076212cebce56f4412b7ead27ebe8cee717ee1b1e1874536e4863a0dfd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1401
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
getuid
secure.adnxs.com/ Frame 7327
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D65B55241-7913-40F1-9841-6178CE8D0BA2
  • https://router.infolinks.com/dyn/pbm-usync?uid=65B55241-7913-40F1-9841-6178CE8D0BA2
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=65B55241-7913-40F1-9841-6178CE8D0BA2
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%252C%252C
0
0
apn-usync
router.infolinks.com/dyn/ Frame 7327
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=1731213324646008949
35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=1731213324646008949
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7d3cb776df3da826-SYD
content-length
35
expires
Tue, 07 Jun 2022 23:36:20 GMT

Redirect headers

Date
Wed, 07 Jun 2023 23:36:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
66.203.112.162; 66.203.112.162; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bd9701ef-0f90-46c6-a1e2-10a25ad5c447
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://router.infolinks.com/dyn/apn-usync?user_id=1731213324646008949
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox-usync
router.infolinks.com/dyn/ Frame 7327
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://router.infolinks.com/dyn/ox-usync?uid=1bc24396-368a-41fc-b0d2-059273cb8763
35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ox-usync?uid=1bc24396-368a-41fc-b0d2-059273cb8763
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7d3cb7769ef0a826-SYD
content-length
35
expires
Tue, 07 Jun 2022 23:36:20 GMT

Redirect headers

date
Wed, 07 Jun 2023 23:36:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://router.infolinks.com/dyn/ox-usync?uid=1bc24396-368a-41fc-b0d2-059273cb8763
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
receive
pixel.tapad.com/idsync/ex/ Frame 7327
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58786/sync?redir=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-5E6Z5QFE2uJ8fgp3lT3BVNBO7X22uRcV~A
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3399&partner_device_id=y-5E6Z5QFE2uJ8fgp3lT3BVNBO7X22uRcV~A
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1731213324646008949&pt=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
0
0
r1-usync
router.infolinks.com/dyn/ Frame 7327
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=4616120629
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-fS.HTM9E2oUz8kQGXx6D3zgGDEuHaJ0JOGAr~A
  • https://sync.1rx.io/usersync/verizon/y-fS.HTM9E2oUz8kQGXx6D3zgGDEuHaJ0JOGAr~A
  • https://sync.targeting.unrulymedia.com/csync/RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7d3cb77ffa0ca826-SYD
content-length
35
expires
Tue, 07 Jun 2022 23:36:21 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
date
Wed, 07 Jun 2023 23:36:21 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXaf6c42ef39ec431cb6ee8b3073063fee004
content-type
text/html
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 7327
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=TEgykCnCr3EAGYbxX1zk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TN...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHVKEKZ3ZNNBW4Q3SGNCUCR2ZMJ4FQML2NM
0
0
tplift
router.infolinks.com/dyn/ Frame 7327
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
  • https://router.infolinks.com/dyn/tplift?uid=3981345439935967684362
35 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/tplift?uid=3981345439935967684362
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7d3cb7769eeba826-SYD
content-length
35
expires
Tue, 07 Jun 2022 23:36:20 GMT

Redirect headers

location
https://router.infolinks.com/dyn/tplift?uid=3981345439935967684362
date
Wed, 07 Jun 2023 23:36:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sonobi-usync
router.infolinks.com/dyn/ Frame 7327
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
  • https://router.infolinks.com/dyn/sonobi-usync?uid=5529cc7d-5ff6-4d00-a899-0335194408dd
35 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sonobi-usync?uid=5529cc7d-5ff6-4d00-a899-0335194408dd
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7d3cb77cde5da826-SYD
content-length
35
expires
Tue, 07 Jun 2022 23:36:21 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:21 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-21
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://router.infolinks.com/dyn/sonobi-usync?uid=5529cc7d-5ff6-4d00-a899-0335194408dd
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
server_match
ad.360yield.com/ul_cb/ Frame 7327
Redirect Chain
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
0
0
outh-usync
router.infolinks.com/dyn/ Frame 7327
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://router.infolinks.com/dyn/outh-usync?uid=y-Bxua.GpE2uHPtv00oSAIEz4YrFVnGH6k~A
35 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-Bxua.GpE2uHPtv00oSAIEz4YrFVnGH6k~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7d3cb77e1fc0a826-SYD
content-length
35
expires
Tue, 07 Jun 2022 23:36:21 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-Bxua.GpE2uHPtv00oSAIEz4YrFVnGH6k~A
date
Wed, 07 Jun 2023 23:36:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sovrn-usync
router.infolinks.com/dyn/ Frame 7327
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://router.infolinks.com/dyn/sovrn-usync?uid=Gx0oSQZHp0TGjVC4TkWPbU8_
35 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=Gx0oSQZHp0TGjVC4TkWPbU8_
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7d3cb77ec883a826-SYD
content-length
35
expires
Tue, 07 Jun 2022 23:36:21 GMT

Redirect headers

Date
Wed, 07 Jun 2023 23:36:21 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=Gx0oSQZHp0TGjVC4TkWPbU8_
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame 7327
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D65B55241-7913-40F1-9841-6178CE8D0BA2
0
0
cksync
cs.media.net/ Frame 7327 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame 7327 		0
0
p-u1vdacBMXAcfT.gif
cms.quantserve.com/pixel/ Frame 7327 		0
0
cm
p.rfihub.com/ Frame 7327 		0
0
redirectuser
ssp.disqus.com/ Frame 7327 		0
0
/
ssc-cms.33across.com/ps/ Frame 7327 		0
0
iq-usync
router.infolinks.com/dyn/ Frame 7327 		0
0
ecm3
s.amazon-adsystem.com/ Frame 4193
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LIMCLUXN-28-LG0C
  • https://s.amazon-adsystem.com/ecm3?id=LIMCLUXN-28-LG0C&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LIMCLUXN-28-LG0C&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EJB2BFQ226NH7Q6V8NH6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LIMCLUXN-28-LG0C&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
be899b7417db0f9825de178ff0c0b87ef18aa0e0d0eeb36932edf51b5522e2eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themarysue.com
date
Wed, 07 Jun 2023 23:36:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 9524 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuukOt2aLt56pjluti7MPWkgSEanYNeZgV21v8vTWNBls4IKu2cO676i9iIROUhYMmXNbA7rpNFEyzHfOg3O0NgYTLuTlVBs3236YlSIqMY3n1Jblt0yxnqwYp3vwhRkPQ6Dy5rt8oI5nNhphGUu6GYZw2Vx-b2xTGp4asR8XLC4vPI8R0c8N-3rX1Xh0cYbRwWdH9DuBKPIa0hGBc600ZwsLlox_T5aoP9TVTvJPkyIlM4pkCYWtVPTW093Q0OsAOdmLeRLEWOAxikk32BIMg2OP0SvBQ5J_xFuiLy007969wWnK0WCjmDc86OEcfBwWCs0kfZjtDTLd3M-0KTGefmaIGRf-UJI-hOtDslvrHI9QI2Yxo&sai=AMfl-YTRAiVbJP941Rp-2_nf0EZRqt5sf4dJQGCv8cWPxs3tB53nV2utbffdNO_PTEmVs_bS8fGJSJUhIKV2BevMU-6rhedaeP31OHoQ2SBg3EDZH7XKra3vX8ZWZ4XXC10&sig=Cg0ArKJSzMdAwbK2i6OEEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 07 Jun 2023 23:36:20 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 9524 		12 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.themarysue.com&callback=_gfp_s_&client=ca-pub-9356934496955375&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 9524 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9524 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themarysue.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.23.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9524 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=fs-slot-footer-wrapper&cls=fs-sticky-parent%20fs-sticky-wrapper&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: www.themarysue.com
URL: https://www.themarysue.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4619 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=1812271804&adf=2751417937&lmt=1686180980&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asro=0&easct=1&easppi=1&asbu=1&aseb=1&aslmt=0.4&asamt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180976662&bpp=2&bdt=15524&idt=3553&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&nras=1&correlator=7112081316901&frm=23&ife=4&pv=1&ga_vid=2003950130.1686180950&ga_sid=1686180980&ga_hid=2007351435&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3434346959&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071258%2C31071755%2C44788442%2C44794375&oid=2&pvsid=995294395710725&tmod=2071209052&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.nf5jn5knfrvd&btvi=1&fsb=1&dtd=3596
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 23:36:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9524 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230601&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
ea042591aa1928ceb6f83aed96f62e0d9846b522d0b480020a6465dc49eac285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11161
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1784 		34 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&h=250&slotname=1390583964&adk=19767928&adf=776186317&pi=t.ma~as.1390583964&w=300&lmt=1686180980&format=300x250&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180976662&bpp=2&bdt=15523&idt=3562&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&prev_fmts=0x0&nras=1&correlator=7112081316901&frm=23&ife=4&pv=1&ga_vid=2003950130.1686180950&ga_sid=1686180980&ga_hid=2007351435&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=4943&biw=1600&bih=1200&isw=300&ish=250&ifk=3434346959&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071258%2C31071755%2C44788442%2C44794375&oid=2&pvsid=995294395710725&tmod=2071209052&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3hueh2c2rnx2&btvi=2&fsb=1&dtd=3609
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f156.1e100.net
Software
cafe /
Resource Hash
77b14edfb6060130031fd81bebd44be6a5627dfe1c33b929841a8eeed15de12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themarysue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15474
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 23:36:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 4BA0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIEUcXZ2pldwTJa_8DxXoQAAEzoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELlKjCT5s5f270wFplWqQ5I&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELlKjCT5s5f270wFplWqQ5I&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELlKjCT5s5f270wFplWqQ5I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4BA0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=58f19e0b-0c54-4c75-92e1-bfa769476430&expiration=1688772980&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=58f19e0b-0c54-4c75-92e1-bfa769476430&expiration=1688772980&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=58f19e0b-0c54-4c75-92e1-bfa769476430&expiration=1688772980&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 4BA0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIEUcXZ2pldwTJa-8DxXoQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBnvFWKZpg_cyJK7qCgZn1o&google_cver=1
0
0
dcm
s.amazon-adsystem.com/ Frame 4BA0 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIEUcXZ2pldwTJa_8DxXoQAAEzoAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MZCE76VTGPBS9TQCDVAF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4BA0
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4686802647549585227&gdpr=0&gdpr_consent=
0
0
crum
dsum.casalemedia.com/ Frame 4BA0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1731213324646008949
0
0
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 4BA0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://stags.bluekai.com/site/23178?id=TEgykCnCr3EAGYbxX1zk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2VCFM54WW...
0
0
rum
dsum-sec.casalemedia.com/ Frame 4BA0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=R1GtikBRo49cU6DfEAO4gkYH8N9cB_DZRQfLtdr2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=R1GtikBRo49cU6DfEAO4gkYH8N9cB_DZRQfLtdr2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=R1GtikBRo49cU6DfEAO4gkYH8N9cB_DZRQfLtdr2
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4BA0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZIEUcXZ2pldwTJa_8DxXoQAAEzoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V9K11Q8STZGDVHMJTXFM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
iqusync-1.25.min.js
resources.infolinks.com/static/usync/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/usync/iqusync-1.25.min.js
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/lcmanage?pid=3197718&wsid=0&pdom=www.themarysue.com&purl=https%3A%2F%2Fwww.themarysue.com%2F&usprivacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e035885f253b73836d41088415cc8c467e43385ca3452b111431e6ab76f990b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:21 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 09:55:02 GMT
server
cloudflare
age
2755
etag
W/"8e7-5fc4543b98748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7d3cb77cee71a826-SYD
expires
Fri, 07 Jul 2023 22:50:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1623 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3xmh1iwBzSi86c_n1NF8ScITk2tHx6Ov3fYm8Ssfg8RKuEByWP1Ihr6sGRPX4wPxgkoiSNAIype_tTQFG_XA1IWH3NdmNTgwCjK5zvW_k_7fwVm24&sig=Cg0ArKJSzE_C9Gc3tMhyEAE&id=lidar2&mcvt=1000&p=1110,236,1200,964&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230605&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=422699176&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686180960667&rpt=18885&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame E6D5 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3haKaqqnn7qBvSfBmBEa&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JJYPYXQJQ7HZ56G7SR16
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E6D5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M2hhS2FxcW5uN3FCdlNmQm1CRWE=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync-pm.ads.yieldmo.com/ Frame E6D5
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D65B55241-7913-40F1-9841-6178CE8D0BA2%26gdpr%3D-1%26gdpr_consent%3D
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=-1&gdpr_consent=
43 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=-1&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.169.214.108 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=65B55241-7913-40F1-9841-6178CE8D0BA2&gdpr=-1&gdpr_consent=
date
Wed, 07 Jun 2023 23:36:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync.php
pixel-us-apac.rubiconproject.com/exchange/ Frame E6D5 		0
0
sync
ads.yieldmo.com/ Frame E6D5
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=5e60c907cdf22075&is_secure=true&networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAALh_mWA5xfjwNDlfnHAAAAAAA&expiration=1686267381&is_secure=true
43 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AAALh_mWA5xfjwNDlfnHAAAAAAA&expiration=1686267381&is_secure=true
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
18.142.188.55 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-188-55.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AAALh_mWA5xfjwNDlfnHAAAAAAA&expiration=1686267381&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.yieldmo.com/ Frame E6D5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=&gdpr_consent=
0
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9524 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.themarysue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 23:36:21 GMT
rum
dsum-sec.casalemedia.com/ Frame 68C6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=58f19e0b-0c54-4c75-92e1-bfa769476430&expiration=1688772981&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=58f19e0b-0c54-4c75-92e1-bfa769476430&expiration=1688772981&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=58f19e0b-0c54-4c75-92e1-bfa769476430&expiration=1688772981&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 68C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIEUcXZ2pldwTJa_8DxXoQAAEzoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELlKjCT5s5f270wFplWqQ5I&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELlKjCT5s5f270wFplWqQ5I&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELlKjCT5s5f270wFplWqQ5I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 68C6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIEUcXZ2pldwTJa_8DxXoQAAEzoAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Jun 2023 23:36:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RCJ4NEAT0CKR98Y62WNX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 68C6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIEUcXZ2pldwTJa-8DxXoQAA
0
0
crum
dsum-sec.casalemedia.com/ Frame 68C6
Redirect Chain
  • https://dynalyst-sync.adtdp.com/cookie/sync?pid=43
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYiYN6KtCF9aiN1fMnU
0
0
indexexchange
sync.adotmob.com/cookie/ Frame 68C6 		0
0
crum
dsum.casalemedia.com/ Frame 68C6
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=81b19d05-6cb8-7530-6a394c70
0
0
rum
dsum-sec.casalemedia.com/ Frame 68C6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7398971242702350507
0
0
ix-usync
router.infolinks.com/dyn/ Frame 68C6 		35 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=ZIEUcXZ2pldwTJa-8DxXoQAA%264922
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7d3cb77cbe35a826-SYD
content-length
35
expires
Tue, 07 Jun 2022 23:36:21 GMT
pixel;r=280851556;labels=title.The%20Mary%20Sue;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.themarysue.com%2F;uht=2;fpan=1;fpa=P0-1760858485-1686180974518;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509...
pixel.quantserve.com/ 		0
0
doq.htm
rt3006.infolinks.com/action/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3006.infolinks.com/action/doq.htm?pcode=utf-8&r=16861809811941
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12906c08b2ab7235c4db60f8f6ce9d99d8e1a7c015fbe421da46ee8036a5dc88

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://www.themarysue.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
en-AU
cf-ray
7d3cb77f2b4ca81a-SYD
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
onetag-sys.com/match/ Frame EA40
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Protocol
H2
Server
51.89.9.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 07 Jun 2023 23:36:21 GMT
Server
MT3 933 7933424 master hkg-pixel-x25 config_version:"1021"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=8aa96481-1462-4400-8d93-3f57fee2e878&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 07 Jun 2023 23:36:20 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame EA40 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
getuid
ib.adnxs.com/ Frame EA40 		0
0
tap.php
pixel.rubiconproject.com/ Frame EA40 		42 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=vXKx5dNkIMXrl9paM3JdxbfpkUXaUoz_MilNevHi1G8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EA40
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiJg36vRMXvavdLfMJKKaaiz6DS72ii9cNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiJg36vRMXvavdLfMJKKaaiz6DS72ii9cNw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Protocol
H3
Server
173.194.174.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiJg36vRMXvavdLfMJKKaaiz6DS72ii9cNw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame EA40 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:21 GMT
content-length
0
/
onetag-sys.com/match/ Frame EA40
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://onetag-sys.com/match/?int_id=110&uid=
0
0
ecm3
s.amazon-adsystem.com/ Frame EA40
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vXKx5dNkIMXrl9paM3JdxbfpkUXaUoz_MilNevHi1G8
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame EA40 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:21 GMT
content-length
0
/
onetag-sys.com/match/ Frame EA40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIc_fLkkBieaHAbGKCfWla0&google_cver=1
0
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame EA40 		0
0
generic
match.adsrvr.org/track/cmf/ Frame EA40 		0
0
sync
x.bidswitch.net/ Frame EA40 		0
0
onetag-usync
router.infolinks.com/dyn/ Frame EA40 		0
0
perf
ch-trc-events.taboola.com/skimlinks-publishers/log/3/ 		0
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/skimlinks-publishers/log/3/perf?route=US%3ACH%3AV&lti=rbox-loader-clean-test_var
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230605-13_b1-PR-57411-DEV-105123-remove-unused-features-from-loader-js-21bd1c7f52d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarysue.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.themarysue.com
pragma
no-cache
date
Wed, 07 Jun 2023 23:36:21 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
adview
googleads.g.doubleclick.net/pagead/ Frame 1784 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cx_audBSBZM_vGt-us8IP95-zuAn6gNyrXLqBoaKJAcCNtwEQASAAYKX4kYCQAYIBF2NhLXB1Yi05MzU2OTM0NDk2OTU1Mzc1yAEJqAMBqgTMAU_QZEnAhZb8tdvN9tOhUbCyN2VnfwQXXi1soxWXSGSvlqA_sXA3ETknWdqBD5XqnqWS7r6oPPOWFUezf_-bFT7KLjPx04p3opp7pY1M0N2tMAUohMcRLjMNOUz-_c7TY2WzHyyzogUVrHigZ3pMz0i5EtSCzukvGIRnM2Ek7fSOlp3PI-O8SAvDPPXym3Nlt_W5FjltM11oic4BHLjGi1XfIIfLbPgbhCBTZ3IVukcjIUonyvzck1fxlKOBIxQSwut37rE5zEOyLkWRXoAGhMPG2dDi-NjJAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkzNTY5MzQ0OTY5NTUzNzUYAA&sigh=_CTRGOY0wRw&uach_m=[UACH]&cid=CAQSPABygQiDw5W7o4oA9c_ozuPHEm7VQ-2jN9VIrPBzyVTZEI4392yCSGq1ynEOyzk1zU5bEG4HCiHd0NCMOhgB&tpd=AGWhJmu6py95PeK2DtgXKVcMMxtinTI539z_lj-TLSh_uo_nbcrDwTr2p_PnNPdtyHFGvMOX5EuO_aWqV0tu3wKMLFiq-BqXpVxH-W6atmEmJBFoM_4nkZEZhJNA_JFZJvnExnX6-dpKiIOIsDFhYxAD90ZHPRULqyPX8KrGnHsnRA1iaGPhHRJ-65iAwE--fO3JDrS3Rddo50k8s-qTeas92uuqNw-dWv4jvQiSJts0CQimYOQ9bB46A4rZB10TsZtmPrvOxUREJNX_kAqn6975tmQz9uaWytDgRBnqysxnsvp0bzRH-T-lgYd4gNDeWmtDlORwXzay3d3FmhghU_mCQxJaS5DC8qGTh0ScDu6bx7_eLQrGnPWkdUGjskiyhs6XierBeSPp70sylFtbBPHawOhKcaL16g_M1Pl28L1C7rjC1HSRkj9NA9OTz2TT9mV7-MqtkCQCCAITMcNzyV2ScpXOVzPsNXkZEKS14W1nq7Mp9iyv_J2fgJdURuFcQT-xBL_x-cWbtFH6GktF-MO7bbe_5hm0gBwExV-DgkvHFdTxdwi2OkPYJYm2rK4Hgi9vYQIz3yg_Sm_nIcnEpSt1vNWPGLtT3KVBha-VvpTheCSurAP-ChwH6yQlQh3RFaKuVCxdPabAh7J5VjAQf0xaEmp8XDTQo-jZ5bivk4O28ty4YR3Ogk2CqyPzx1VRFiBXUOPZdqy92kiPWg13T6VvaXCR876hGhOLrsT3TCbPFb7jk-4JIdZ7yHLrFAYkFLEZzvvqBD_WbzuaPNRx7Vxd_Jzfrgt_qFtEttYZ9QWQrI_5LkVjXPMC9XICiEUPnd4yHXALInbqMgDja_BYHfYWvchKeYKzK9bjCEPUMuu5rUajf11MTi3uZ4LoC6h6-I2xaIBErgnBTCGiKfIu0All4WaEwHV5scFopgzEq8VIKZerrYWtsGcvEqBOgxan5pAN2z2eShImp79C7ET7kP0ZuH3_YQ8eex0WhNf8R5qD4zJvnlzPrk6KNdFPnySxvcroJLgbaJDZfYS7goT7I0rTFwNrDKILLRKu9S3tUdLXhmHp-X42w4oVegcXwaVlKqmcBdeh1ZCfQkmJDjJR1hokSLnhnnR2CP6a8delUuS9q3TpXCOQklIQ4COoiySYTf10h5iK2O7OEhkGXAKohVScyKyfycQq4VcXmHOcKGCWcC_0sM27gvGuKmsirYT-AwpNZKQNb1fuLce3gtRpQRbUjcrAr1jJcfxRUMhgldWD_T6pgw2a_HUlnSLk2Rh7slh7MEbowZHlpF-XaebogfI9fHjPW2WVCvSR_-kqaM3hg1YSiBf8kWGjbN5p51Qv6Fkug84Y2EPIkLPa8tb4Y2jW0YV_NqMe8ywf4ukGvNZkWjDSyegY9_OHTPAHCIvGO9xwUFFDgIM_IwGyF4jbu17dMNfcb31rWgi9cPq4wSHh0LnoAZXPwIiHNRX69Lc5ZPkTkrZVEpWu1XQlB4VYBH45pqMC19OJkkMo58avjYnpR3bpgP51UUO0xZGJZoDt9PIDH9JCTNj88Vlg-y2e_bWomTI-6p3E8kayOGmw5vRDCecal-m8DNQUcOaQmByLAcdHIaBQj4JT3ZES-UkeZXtJygIBV9npu4u75_MnBw9OjDs0vopYH7A5YddCQjU2e7xpa0BtCory7cAj81Jk70c2dBY5sMMLphbk7k2YlJHsnmuPzAhJRii2_PY1HsexXvbAvZ2sd906CmjdLGXJPd-sx_AJjYtvTI-wnkNDMsfFDJiszV-tr8R7ncwUg33lpvpdJMxaizYu5EYGdXevHoQIOIi4DzVu-tmBeEWtwoZM4ZRBPOomuBiLGV9pDo4_iiavQdXT14nmAIB_KWMXqS7h16qChUdgiytnDv_CGianJLk2eGxWvR9ZoEN0JNbnnWaTNW_iOT0vkgTz3JVh6oUaEb43E6ZOkeh92pYXLbE7cW91q51WaGWTK9svdPlAyw5Oi-Sh3ledntmdMaFxZvjBg_8PG7Pmb6pU3c1QlVefiZcKODnQko2_1JD6pi0OJKymRciwNmo1X-FYBQhU6mXti7ZWAn3M38Hr7k6g9P1lyhJfRCTs1hqJAY6vekRZGwIit0Gmsx8o3Z9M1ay8kRqyOEBwfTiV5AU2I8whvIZO2RqK-dsL5sDoG0o5jbwGVczneBtm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&h=250&slotname=1390583964&adk=19767928&adf=776186317&pi=t.ma~as.1390583964&w=300&lmt=1686180980&format=300x250&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180976662&bpp=2&bdt=15523&idt=3562&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&prev_fmts=0x0&nras=1&correlator=7112081316901&frm=23&ife=4&pv=1&ga_vid=2003950130.1686180950&ga_sid=1686180980&ga_hid=2007351435&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=4943&biw=1600&bih=1200&isw=300&ish=250&ifk=3434346959&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071258%2C31071755%2C44788442%2C44794375&oid=2&pvsid=995294395710725&tmod=2071209052&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3hueh2c2rnx2&btvi=2&fsb=1&dtd=3609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&h=250&slotname=1390583964&adk=19767928&adf=776186317&pi=t.ma~as.1390583964&w=300&lmt=1686180980&format=300x250&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180976662&bpp=2&bdt=15523&idt=3562&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&prev_fmts=0x0&nras=1&correlator=7112081316901&frm=23&ife=4&pv=1&ga_vid=2003950130.1686180950&ga_sid=1686180980&ga_hid=2007351435&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=4943&biw=1600&bih=1200&isw=300&ish=250&ifk=3434346959&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071258%2C31071755%2C44788442%2C44794375&oid=2&pvsid=995294395710725&tmod=2071209052&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3hueh2c2rnx2&btvi=2&fsb=1&dtd=3609
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 07 Jun 2023 23:36:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
aclk
pn.ybp.yahoo.com/ab/secure/true/imp/He9CumvyRwL73B-0zvOPO4_CMWCBylxuFNBwkNBn0bphocxFL3TdTlNCNq-PhEm1c9cb5P385BxQlZUpDrKOyLAXu6EZ9Yd_ZlwXRQcE0v84N0YHd26juFkPz8HVMQ1HOWYbe0A71aWqQa3oPtOxcbfPnjWMkfWOk... Frame 1784 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 1784 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&h=250&slotname=1390583964&adk=19767928&adf=776186317&pi=t.ma~as.1390583964&w=300&lmt=1686180980&format=300x250&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180976662&bpp=2&bdt=15523&idt=3562&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&prev_fmts=0x0&nras=1&correlator=7112081316901&frm=23&ife=4&pv=1&ga_vid=2003950130.1686180950&ga_sid=1686180980&ga_hid=2007351435&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=4943&biw=1600&bih=1200&isw=300&ish=250&ifk=3434346959&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071258%2C31071755%2C44788442%2C44794375&oid=2&pvsid=995294395710725&tmod=2071209052&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3hueh2c2rnx2&btvi=2&fsb=1&dtd=3609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
6679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Jun 2023 21:45:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 1784 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&h=250&slotname=1390583964&adk=19767928&adf=776186317&pi=t.ma~as.1390583964&w=300&lmt=1686180980&format=300x250&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180976662&bpp=2&bdt=15523&idt=3562&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&prev_fmts=0x0&nras=1&correlator=7112081316901&frm=23&ife=4&pv=1&ga_vid=2003950130.1686180950&ga_sid=1686180980&ga_hid=2007351435&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=4943&biw=1600&bih=1200&isw=300&ish=250&ifk=3434346959&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071258%2C31071755%2C44788442%2C44794375&oid=2&pvsid=995294395710725&tmod=2071209052&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3hueh2c2rnx2&btvi=2&fsb=1&dtd=3609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f132.1e100.net
Software
cafe /
Resource Hash
6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
6679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7969
x-xss-protection
0
server
cafe
etag
12322974680428514663
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Jun 2023 21:45:02 GMT
l
www.google.com/ads/measurement/ Frame 1784 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRn2xd-vAV-D2xCK35fZ98zKET_zS226ruHpCrTg8b4rJw6MYhxdhs4uI3crwzzmCrc1SQsD2xTd2NHCDHZ377LWykyuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&h=250&slotname=1390583964&adk=19767928&adf=776186317&pi=t.ma~as.1390583964&w=300&lmt=1686180980&format=300x250&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180976662&bpp=2&bdt=15523&idt=3562&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&prev_fmts=0x0&nras=1&correlator=7112081316901&frm=23&ife=4&pv=1&ga_vid=2003950130.1686180950&ga_sid=1686180980&ga_hid=2007351435&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=4943&biw=1600&bih=1200&isw=300&ish=250&ifk=3434346959&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071258%2C31071755%2C44788442%2C44794375&oid=2&pvsid=995294395710725&tmod=2071209052&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3hueh2c2rnx2&btvi=2&fsb=1&dtd=3609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1784 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&h=250&slotname=1390583964&adk=19767928&adf=776186317&pi=t.ma~as.1390583964&w=300&lmt=1686180980&format=300x250&url=https%3A%2F%2Fwww.themarysue.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686180976662&bpp=2&bdt=15523&idt=3562&shv=r20230601&mjsv=m202305310101&ptt=9&saldr=aa&cookie=ID%3D9372269f8aff243a-22b402b1d6e10025%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A&gpic=UID%3D00000c454dcfe687%3AT%3D1686180955%3ART%3D1686180955%3AS%3DALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA&prev_fmts=0x0&nras=1&correlator=7112081316901&frm=23&ife=4&pv=1&ga_vid=2003950130.1686180950&ga_sid=1686180980&ga_hid=2007351435&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=4943&biw=1600&bih=1200&isw=300&ish=250&ifk=3434346959&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071258%2C31071755%2C44788442%2C44794375&oid=2&pvsid=995294395710725&tmod=2071209052&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3hueh2c2rnx2&btvi=2&fsb=1&dtd=3609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.203.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f155.1e100.net
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 23:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:36:21 GMT
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame CAF0 		0
0
/
ssc-cms.33across.com/ps/ Frame 7164 		0
0
/
ssc-cms.33across.com/ps/ Frame 119D 		0
0
/
ssc-cms.33across.com/ps/ Frame 3307
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=58f19e0b-0c54-4c75-92e1-bfa769476430&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=4f0664f5-7787-47d1-8469-677d4e269b7e
0
0
/
ssc-cms.33across.com/ps/ Frame 3307 		0
0
/
ssc-cms.33across.com/ps/ Frame 3307
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553
0
0
iquid.js
resources.infolinks.com/static/ 		0
0
ima.js
cdn-ima.33across.com/ 		0
0
id5.js
resources.infolinks.com/static/ 		0
0
882.json
id5-sync.com/g/v2/ 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93F0 		0
0
aframe
www.google.com/recaptcha/api2/ Frame E773 		0
0
bubble.js
resources.infolinks.com/js/1867.003-3.027/ 		0
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		0
0
container-2.0.html
resources.infolinks.com/static/ Frame 4662 		0
0
in_place.js
resources.infolinks.com/js/1867.003-3.027/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mab.chartbeat.com
URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=themarysue.com&domain=themarysue.com&path=%2F
Domain
analytics.google.com
URL
https://analytics.google.com/g/collect?v=2&tid=G-7PGVNEX4L0&gtm=45je3650&_p=552143194&cid=2003950130.1686180950&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1686180950&sct=1&seg=0&dl=https%3A%2F%2Fwww.themarysue.com%2F&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&en=Allowed&_ee=1&ep.event_category=Ad%20Block&ep.non_interaction=true&_et=3
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
s2s.t13.io
URL
https://s2s.t13.io/openrtb2/auction
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1686180959270&to=0&aun=themarysuecom_sticky_footer&hadronId=060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu&pubcid=7496775f-fce7-45f3-a89d-75ac79907d07&gpid=%2F15184186%2Fthemarysuecom_sticky_footer%2Fthemarysuecom_sticky_footer&maxw=728&maxh=90&si=14287&pi=3&bf=728x90%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.themarysue.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=https%3A%2F%2Fwww.themarysue.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1686180959271&to=0&aun=themarysuecom_sticky_footer&hadronId=060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu&pubcid=7496775f-fce7-45f3-a89d-75ac79907d07&gpid=%2F15184186%2Fthemarysuecom_sticky_footer%2Fthemarysuecom_sticky_footer&t=ikg7mqd8&pi=2&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.themarysue.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=https%3A%2F%2Fwww.themarysue.com%2F&ns=10240
Domain
grid.bidswitch.net
URL
https://grid.bidswitch.net/hbjson
Domain
prebid.media.net
URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.themarysue.com%2F&tmax=634&us_privacy=1---
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Domain
ap.lijit.com
URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.48.0
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=69263120758&lsavail=0
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22302b37275b228c%22%3A%221374b2b838cb3c97488f%7C728x90%2C1x1%7Cgpid%3D%2F15184186%2Fthemarysuecom_sticky_footer%2Fthemarysuecom_sticky_footer%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.themarysue.com%2F&s=29c7e513-d9d6-4698-8492-a105f9dc8861&pv=3558df74-659d-4461-9f12-5310c0f8b4ae&vp=desktop&lib_name=prebid&lib_v=7.48.0&us=3&iqid=null&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22themarysue.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22themarysue.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.themarysue.com%2F%22%2C%22name%22%3A%22themarysue-com%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22fs_optimized%22%3Afalse%7D%7D%7D%2C%22user%22%3A%7B%22id%22%3A%22ae62389e-2fe2-4349-92fc-8445510c89e2%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22region%22%3A%22NSW%22%2C%22country%22%3A%22AU%22%2C%22ext%22%3A%7B%7D%7D%2C%22devicetype%22%3A2%2C%22make%22%3A%22%22%2C%22model%22%3A%22%22%2C%22os%22%3A%22Windows%22%2C%22osv%22%3A%2210%22%7D%2C%22geo%22%3A%7B%22region%22%3A%22NSW%22%2C%22country%22%3A%22AU%22%2C%22ext%22%3A%7B%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221570%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227496775f-fce7-45f3-a89d-75ac79907d07%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.themarysue.com%2F&tmax=634&us_privacy=1---
Domain
ap.lijit.com
URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.48.0
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1686180959912&to=0&aun=themarysuecom_right_sidebar_btf_sticky_2&hadronId=060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu&pubcid=7496775f-fce7-45f3-a89d-75ac79907d07&gpid=%2F15184186%2Fthemarysuecom_right_sidebar_btf_sticky%2Fthemarysuecom_right_sidebar_btf_sticky_2&maxw=300&maxh=600&si=14285&pi=3&bf=300x600%2C160x600%2C120x600%2C336x280%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.themarysue.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=https%3A%2F%2Fwww.themarysue.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1686180959912&to=0&aun=themarysuecom_right_sidebar_btf_sticky_2&hadronId=060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu&pubcid=7496775f-fce7-45f3-a89d-75ac79907d07&gpid=%2F15184186%2Fthemarysuecom_right_sidebar_btf_sticky%2Fthemarysuecom_right_sidebar_btf_sticky_2&maxw=300&maxh=600&si=14290&pi=3&bf=300x600%2C160x600%2C120x600%2C336x280%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.themarysue.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=https%3A%2F%2Fwww.themarysue.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1686180959912&to=0&aun=themarysuecom_right_sidebar_btf_sticky_3&hadronId=060d6eg8cahecdaclh6fk8gkl7cfebkiil8k0mq4iesmikei0s0oy4qy02iomgyuu&pubcid=7496775f-fce7-45f3-a89d-75ac79907d07&gpid=%2F15184186%2Fthemarysuecom_right_sidebar_btf_sticky%2Fthemarysuecom_right_sidebar_btf_sticky_3&maxw=300&maxh=600&si=14285&pi=3&bf=300x600%2C160x600%2C120x600%2C336x280%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1570%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.themarysue.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=https%3A%2F%2Fwww.themarysue.com%2F&ns=10240
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=40364668533&lsavail=0
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=65B55241-7913-40F1-9841-6178CE8D0BA2&sInitiator=external&gdpr=0&gdpr_consent=
Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0015a00002l61KYAAY&gdpr=0&us_privacy=1---
Domain
match.rundsp.com
URL
https://match.rundsp.com/redirect?ex=openx
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-7aebbdsga1nctBFnyOEudPyYGURARFSJurc0GDAI2Q
Domain
e-jp.cmcd1.com
URL
https://e-jp.cmcd1.com/usersync/openxjp?id=2ed6b7bc-446e-49c4-af39-a1cab0c86922
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%252C%252C
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1731213324646008949&pt=09e8f016-6ae2-4e9a-8e19-e40c6bba65b9%2C%2C
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHVKEKZ3ZNNBW4Q3SGNCUCR2ZMJ4FQML2NM
Domain
ad.360yield.com
URL
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D65B55241-7913-40F1-9841-6178CE8D0BA2
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=infolinks
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=43153&in=1
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Domain
router.infolinks.com
URL
https://router.infolinks.com/dyn/iq-usync
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBnvFWKZpg_cyJK7qCgZn1o&google_cver=1
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4686802647549585227&gdpr=0&gdpr_consent=
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1731213324646008949
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2VCFM54WWQ3OINZDGRKBI5MWE6CYGF5GW
Domain
pixel-us-apac.rubiconproject.com
URL
https://pixel-us-apac.rubiconproject.com/exchange/sync.php?p=yieldmo
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIEUcXZ2pldwTJa-8DxXoQAA
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=AYiYN6KtCF9aiN1fMnU
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=81b19d05-6cb8-7530-6a394c70
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7398971242702350507
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel;r=280851556;labels=title.The%20Mary%20Sue;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.themarysue.com%2F;uht=2;fpan=1;fpa=P0-1760858485-1686180974518;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=themarysue.com;dst=0;et=1686180980765;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.The%20Mary%20Sue%2Cdescription.The%20Mary%20Sue%20is%20the%20premier%20destination%20for%20entertainment%20geeks%252C%20female%20or%20other%2Curl.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2F%2Csite_name.The%20Mary%20Sue%2Cimage.https%3A%2F%2Fwww%252Ethemarysue%252Ecom%2Fwp-content%2Fuploads%2F2018%2F05%2FNewTMSlogo%252Ejpg%3Ffit%3D1200%252C%2Cimage%3Awidth.1200%2Cimage%3Aheight.656%2Cimage%3Atype.image%2Fjpeg;ses=5b55b6d2-797e-4bc2-b525-71b28e26616c;mdl=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=110&uid=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vXKx5dNkIMXrl9paM3JdxbfpkUXaUoz_MilNevHi1G8
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIc_fLkkBieaHAbGKCfWla0&google_cver=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Domain
router.infolinks.com
URL
https://router.infolinks.com/dyn/onetag-usync?uid=vXKx5dNkIMXrl9paM3JdxbfpkUXaUoz_MilNevHi1G8
Domain
pn.ybp.yahoo.com
URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/He9CumvyRwL73B-0zvOPO4_CMWCBylxuFNBwkNBn0bphocxFL3TdTlNCNq-PhEm1c9cb5P385BxQlZUpDrKOyLAXu6EZ9Yd_ZlwXRQcE0v84N0YHd26juFkPz8HVMQ1HOWYbe0A71aWqQa3oPtOxcbfPnjWMkfWOkGUycVUKfgPAlvFutrG67l1zMjrG84AwSRBnHwf3GBFCoSORG0EJh3MdbeyDcgbT3HeC2qRFrehMjNPuXeAL8ycdG40iUFtde8mxzOTH1XU10ndIYAKpT3CR_bDDglS-jCZWINx4ri7rSSQMK2OLNzVYzGcxIFeK9YHTzHZ29WMj0nN-1cZ_V9gTuxnnP3WyfpC4-50radgQlMOKXnGH25E9KTdXFKmFyeVS-TwZNljABvGF-T1lNe1ppV2fu903mNt2P7GXOGdnHSyuGA7KHzdXosVOne4AWpSXghH9UT3oqLvHYPYe7VYi_XDWJ4L3nBhyKPxPxb-WtaHfnmn7xCcNH06bEcF2EvwKyP4GAjrxx-U9HHHfJV-C_X_hxbypnk6nX5pkoHasc4NjN0iMBHgCiNa2LnYwQGk9kcNrrwkhhNziMOptdvooVRUeELdOF0ZZjVqAqGRSZVhtjIFvOV1ZXkYB74BSERfmFS7ppshx_tZXrYHJzl0IqB7tc10C4HOuBVmmps2aUGySuqzX1VtvgnjLCr6uKBRCg4uTlLIWlzogtB2ye83dlJsJDaklWMMrKhF2Xeedg7o4iil_-7Pvts5sbgRla0iBBSUwjBtqtQ7tHt6V6YZeY-MuRuOpFsxdc6WZgmazrgM_DBcITPyKW0cE-pHkg_IfVTW00L-NOmlkMhPVK__YaS__lzSodmTvLRKL2AWBA346b64Alt5eyydvLPLEd5-lLtQOA-b-yUlGMlLqp_cnBafmVLhmDlnXTAp5TcTS7rEwiyvJodlAWgHcp84yF53ZAmayxvjaGZzcZOAIO4eiGF6fLdhBAbxCjsXynUURBGzTbcMn15wahzrj_G8Zi6Wr8YEO477on0bskBK-1JXJ6dcyK--rpLETdtXirr1k_XFILro4_xyWcShaVuSgVYQalySQ8rMQwN8wauW6fwoTXbpn8pgz4_KoLGxMU6eb8pEKwdajN2fyqD_a8JL5stFgxzbW5veXp_PDNUK8wWLdJDzL533tLFfBoaQyQ1c5WU_WZlll2lj7DSvIc1GuJIEwIA8tvGtgBwdifDlQrYrHksKLd8dw3vagCmOfCCCVnnPfuXaSZIgNMtVhG3d05jrLu4R8uqyqDoyHz_Ib7qBXziGRUya6RR4Qa43YHlzCDvG6nXn5I_VGDKw_xooJU7T3sjFyzzEmwyfqmgCqIbxZoI0Ln4oNSohTY93QRfWzTUHieO5I5gZzaLUOhV_YnhR-F7ml0q_WFvV4JQPuiCsAVQakZfMgY0_JvaKObMWTA6EXOTrbQ27KJoXieC9Ytyfyuuy1DZcHAPK1XLFwAdtL55dxlV2S19Tg5j1WuJE/wp/ZIEUdAAGt88CTNdfAAzP9wnppp36H2AdRZOFqw/pclick/https://adclick.g.doubleclick.net/aclk?sa=L&ai=C0M6idBSBZM_vGt-us8IP95-zuAn6gNyrXLqBoaKJAcCNtwEQASAAYKX4kYCQAYIBF2NhLXB1Yi05MzU2OTM0NDk2OTU1Mzc1yAEJqAMBqgTPAU_QZEnAhZb8tdvN9tOhUbCyN2VnfwQXXi1soxWXSGSvlqA_sXA3ETknWdqBD5XqnqWS7r6oPPOWFUezf_-bFT7KLjPx04p3opp7pY1M0N2tMAUohMcRLjMNOUz-_c7TY2WzHyyzogUVrHigZ3pMz0i5EtSCzukvGIRnM2Ek7fSOlp3PI-O8SAvDPPXym3Nlt_W5FjltM11oic4BHLjGi1XfIIfLbPgbxiJz9eyjYBul-yrNeucyC-XNvKqvO7TuavCZfAon4FsuvIfN2F_4fIAGhMPG2dDi-NjJAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_2jwnfSgT94zWYNWToMCg6VX_dO4A&client=ca-pub-9356934496955375&adurl=
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686180981146.4&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686180981146.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=4f0664f5-7787-47d1-8469-677d4e269b7e
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686180981146.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=2c43c52b-8016-462a-a7c8-b819e09b1d64-6481146d-5553
Domain
resources.infolinks.com
URL
https://resources.infolinks.com/static/iquid.js
Domain
cdn-ima.33across.com
URL
https://cdn-ima.33across.com/ima.js
Domain
resources.infolinks.com
URL
https://resources.infolinks.com/static/id5.js
Domain
id5-sync.com
URL
https://id5-sync.com/g/v2/882.json
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
resources.infolinks.com
URL
https://resources.infolinks.com/js/1867.003-3.027/bubble.js
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
resources.infolinks.com
URL
https://resources.infolinks.com/static/container-2.0.html
Domain
resources.infolinks.com
URL
https://resources.infolinks.com/js/1867.003-3.027/in_place.js

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 boolean| credentialless object| onbeforetoggle object| onscrollend string| gtm4wp_datalayer_name object| dataLayer undefined| $ function| jQuery object| _sf_async_config object| GlobalSnowplowNamespace function| snowplow object| dataLayer_content object| phpProps object| Cookies function| admiral object| googletag function| __uspapi object| _comscore function| gtag boolean| haveWeGotAds object| freestar string| disqus_shortname function| hj object| _hjSettings object| countVars object| themeMyLogin object| _stq object| regeneratorRuntime object| fsdata function| __tcfapi object| fsprebid function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI function| convertToGeoRiotLinks function| extractItunesLinkFromAffiliateUrl function| getLinkType object| Georiot object| Genius function| st_go function| linktracker_init object| wpcom object| _cb_shared object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| _taboola function| clarity object| webVitals function| 4dm1r11545242527 object| gtmDataLayer function| load_script object| confiant function| _hadron object| DISQUSWIDGETS undefined| disqus_domain object| FB object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| COMSCORE object| ns_p function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| TRC object| _tblConsole undefined| msg object| fsprebidChunk object| _pbjsGlobals object| mnet object| hadron boolean| __halo_loaded__ object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement object| PrimisApiConfig function| constructsekindoParent668 function| google_sa_impl object| googleToken object| googleIMState object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| au function| __tcfapiui boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| placementData object| __buffer boolean| __bt_already_invoked string| nam object| apstag object| _qevents object| Criteo boolean| sekindoFlowingPlayerOn number| measureInterval function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray

229 Cookies

Domain/Path Name / Value
.taboola.com/skimlinks-publishers/ Name: taboola_session_id
Value: v2_57a1282352395d197226e2e274d00cd7_19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da_1686180954_1686180954_CNawjgYQsJRZGOKE3sGJMSABKAEw4QE4kaQOQPG-DkihqNwDUJAFWABgAGj___vfgcH-_wlwAQ
.3lift.com/sync Name: sync
Value: CgoIoQEQpsvewYkxCgoI4gEQpsvewYkxCgoI5gEQpsvewYkxCgoIhwIQpsvewYkxCgkICRCmy97BiTEKCQg6EKbL3sGJMQoJCAsQpsvewYkxCgoIjAIQpsvewYkxCgkIXxCmy97BiTEKCQgfEKbL3sGJMQ==
www.themarysue.com/ Name: pmpro_visit
Value: 1
.pub.network/ Name: _fsuid
Value: ae62389e-2fe2-4349-92fc-8445510c89e2
www.themarysue.com/ Name: _sp_ses.8cf7
Value: *
www.themarysue.com/ Name: _sp_id.8cf7
Value: 9cc68e83-7abc-49ed-9263-3d723a37bee8.1686180947.1.1686180947..3059791b-84a8-4e11-b2c8-fe63d24da7b6..91b6c8a1-55e2-4a76-a300-41a3294dad0f.1686180946550.1
.themarysue.com/ Name: _cb
Value: Bk6PxfBBtijSC_JcPD
.themarysue.com/ Name: _chartbeat2
Value: .1686180947082.1686180947082.1.DWO7GuDcqI2VCvA4tWBj30QnDmFtmC.1
.themarysue.com/ Name: _cb_svref
Value: null
.themarysue.com/ Name: usprivacy
Value: 1---
.themarysue.com/ Name: _sp_cookie
Value: 9204f61e-f813-401a-8f3e-91b8ee44d55c
.themarysue.com/ Name: _ga_7PGVNEX4L0
Value: GS1.1.1686180950.1.0.1686180950.60.0.0
cdn.taboola.com/ Name: abLdr
Value: 10
www.clarity.ms/ Name: CLID
Value: bbfde0fa2d3a4975b944639e6579a8dd.20230607.20240606
.themarysue.com/ Name: _ga
Value: GA1.2.2003950130.1686180950
.themarysue.com/ Name: _gid
Value: GA1.2.1302078483.1686180951
.themarysue.com/ Name: _gat_gtag_UA_21433528_1
Value: 1
.primis.tech/ Name: csuuid
Value: 648114579bd51
.themarysue.com/ Name: _awl
Value: 2.1686180952.5-7a733ad6c17dce89de42fce5aae91e22-6763652d617369612d6561737431-0
.themarysue.com/ Name: _clck
Value: 4sv4jo|2|fc9|0|1253
.scorecardresearch.com/ Name: UID
Value: 1401b003affec6faa78f9171686180953
.taboola.com/ Name: t_gid
Value: 19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
.themarysue.com/ Name: _hjSessionUser_3006819
Value: eyJpZCI6ImNiNTQwMmQ4LWI4NzgtNTY4ZC05MDE1LTk2ZGVkNTAwMGQyMyIsImNyZWF0ZWQiOjE2ODYxODA5NTUxMDcsImV4aXN0aW5nIjpmYWxzZX0=
.themarysue.com/ Name: _hjFirstSeen
Value: 1
.themarysue.com/ Name: _hjIncludedInSessionSample_3006819
Value: 0
.themarysue.com/ Name: _hjSession_3006819
Value: eyJpZCI6IjIxZjNlYjAwLWQ2ZTItNGM2Yy05MGEwLWE0YTQ0ZjkyZWIxOCIsImNyZWF0ZWQiOjE2ODYxODA5NTUxMTYsImluU2FtcGxlIjpmYWxzZX0=
.themarysue.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
www.themarysue.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
.themarysue.com/ Name: _clsk
Value: llstrc|1686180955468|1|1|v.clarity.ms/collect
.themarysue.com/ Name: __gads
Value: ID=9372269f8aff243a-22b402b1d6e10025:T=1686180955:RT=1686180955:S=ALNI_MZEC4oGgdvfpuZbQtiJ291Z7Cd_1A
.themarysue.com/ Name: __gpi
Value: UID=00000c454dcfe687:T=1686180955:RT=1686180955:S=ALNI_MYF8Gt8GeVMjgxLKZo4mtkGhzLZqA
.socdm.com/ Name: SOC
Value: ZIEUXsCo8X4AACKnetcAAAAA
.adscale.de/ Name: uu
Value: 6fe3c5d1fb4f4e9ab8d0dd230f4d14f9
www.themarysue.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.themarysue.com/ Name: cookie
Value: 7496775f-fce7-45f3-a89d-75ac79907d07
.smartadserver.com/ Name: pid
Value: 4686802647549585227
.adscale.de/ Name: cct
Value: 1686180959038
.rubiconproject.com/ Name: khaos
Value: LIMCLUXN-28-LG0C
.adsrvr.org/ Name: TDID
Value: 58f19e0b-0c54-4c75-92e1-bfa769476430
.yahoo.com/ Name: A3
Value: d=AQABBF8UgWQCEMN8yuSUlk-s5rCkQkV8TIMFEgEBAQFlgmSKZAAAAAAA_eMAAA&S=AQAAAgZ83r2JbyQdAYK-Di6DuIM
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: 4s_EXaH7BxiJh0SLuhurd0iC4DbXpgN4tpEZleey06vQ4srg9dqkyOKmezEpJiCdRLfYcg-5PNIeGtUEBUQy44BYr7LPeQwSx-Yt4TIcWDGmQHqOFTwVvtaEbS0CE4yA
.gumgum.com/ Name: vst
Value: a_4db7c07a-c686-4aaf-9c46-bdc6b3e3d842
.go.sonobi.com/ Name: __uis
Value: 5529cc7d-5ff6-4d00-a899-0335194408dd
.go.sonobi.com/ Name: _usd_themarysue.com
Value: 3558df74-659d-4461-9f12-5310c0f8b4ae
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 58609810929629520
.go.sonobi.com/ Name: __uir_mm
Value: 58609810929629520
.go.sonobi.com/ Name: __uir_td
Value: 58609810929629520
.go.sonobi.com/ Name: HAPLB3A
Value: s3583|ZIEUY
.themarysue.com/ Name: cto_bundle
Value: D51u4V9SZ2tSSSUyQlRxd1RRUDkwNVIlMkZlN05waVloRDduc0c5ZXNENkN2VDg4SkNKdVlybm1QenV6NWtLN01jJTJGM3ZkWTZmTldYdnhLQmpUa2Z3MEVHOUZIaCUyRmI3NjBhVmZ2NlpzQmlSbWFxWjdZOHJ5TjN4M2Z1UzdnZ1UwSlolMkYxNDdHVVM
.themarysue.com/ Name: cto_bidid
Value: WYRLe183MHlHY3JzT3RPRlVpNHMlMkJ1S0lvQ05xRXlwVXgwNDdQbTB2SHBlbk1rRllSWGtwRTZrJTJGbyUyQnFuR29jWktia3U5RzdGUVlLbjl0VlZUVTNYczdqUEE5USUzRCUzRA
.doubleclick.net/ Name: IDE
Value: AHWqTUkjqLcIibyxhl9H6Uz9Dw7j_CjGjnqgUWJnKhfAnKrjr7kjZUUHI9-Xib8QHOA
.intentiq.com/ Name: intentIQ
Value: NGqRdLD0mE
.intentiq.com/ Name: IQver
Value: 1.9
.openx.net/ Name: i
Value: e3f95e5e-8cd9-4987-abcb-fa88ef4b110b|1686180961
.intentiq.com/ Name: intentIQCDate
Value: 1686180961387
.intentiq.com/ Name: ASDT
Value: 0
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjg2MTgwOTYxfQ
.openx.net/ Name: univ_id
Value: 537072971|58f19e0b-0c54-4c75-92e1-bfa769476430|1686180962126711
.bidswitch.net/ Name: c
Value: 1686180962
.bidswitch.net/ Name: tuuid_lu
Value: 1686180962
.bidswitch.net/ Name: tuuid
Value: 4f0664f5-7787-47d1-8469-677d4e269b7e
.mathtag.com/ Name: uuid
Value: 8aa96481-1462-4400-8d93-3f57fee2e878
.mathtag.com/ Name: mt_mop
Value: 4:1686180962
.r-ad.ne.jp/ Name: r_ad_token
Value: 54lNa2018BDDa007LKE9
fksnk.com/ Name: AWSALBCORS
Value: JFM1N3Q7wOAI/2MGg54w6P8V5jhSL3hL/SsyMPqoLs8ymQojvOlUcT2eC6VO/qddTxBTId4QDjowUuRWS4si/fjc20dWz6ZJUnq2LxgEzhr86lciDs57T852ALkK
.fksnk.com/ Name: f_001
Value: 41E373609418F20C
.fksnk.com/ Name: g_001
Value: 1
.bidswitch.net/ Name: google_push
Value: ATf1kGOtR-KPQcAmxAXAj1zOUGS54oiShoBwhiYipePhCAF9hiCJvAsOIswfmP_tOdmsK-h-WYJPduXuzV3ofG7ZWvgiwMuNnn6e
.c.appier.net/ Name: _auid
Value: cocU6rIfDxKupdjaYhSBZA
.c.appier.net/ Name: _gu
Value: CAESEPr1Fm_LKwtbPYSo0jrBCkc
.ladsp.com/ Name: cr
Value: 1
.adtdp.com/ Name: uid
Value: AYiYN6KtCF9aiN1fMnU
.adtdp.com/ Name: dynid
Value: AYiYN6KtCF9aiN1fMnU
.teads.tv/ Name: tt_viewer
Value: 64dcff9c-d161-4c7b-a117-f25f59d9d9f4
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 65B55241-7913-40F1-9841-6178CE8D0BA2
.smaato.net/ Name: SCM
Value: 221b0855
.smaato.net/ Name: SCMg
Value: 221b0855
.ladsp.com/ Name: smn_uid
Value: 2VXILn98qi25SjHX-dHXLA-zDp9pShw
.ladsp.com/ Name: lum
Value: CKjI3sGJMRIFCAMQ0AU
.adnxs.com/ Name: uuid2
Value: 1731213324646008949
.3lift.com/ Name: tluid
Value: 3981345439935967684362
.turn.com/ Name: uid
Value: 7398971242702350507
.ctnsnet.com/ Name: cid_507b4a1560ac45569e1386c5bcba5576
Value: 1
.ctnsnet.com/ Name: cid_2bebe3db9cfd47a8ac2b8aa57dfbc642
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1686180963782
.tapad.com/ Name: TapAd_DID
Value: 09e8f016-6ae2-4e9a-8e19-e40c6bba65b9
.yieldmo.com/ Name: yieldmo_id
Value: 3haKaqqnn7qBvSfBmBEa%7C1686096000000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: unl%3D1171799%7Cc%3D1171799%7Ct%3D1171799%7Ctapad%3D1171799%7Can%3D1171799
.simpli.fi/ Name: suid
Value: 6D58E35949B24D2789C3A33390EAEA17
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZIEUZAAQCTiUGABL
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUZ1hiVFRBIzI0XzAmVGdYYlVDSiMxNTExNV8wJlRnWGJUbmo
.intentiq.com/ Name: IQPData
Value: 1120628898#1686180964185#0#1686180961386
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-58f19e0b-0c54-4c75-92e1-bfa769476430&KRTB&22918-58f19e0b-0c54-4c75-92e1-bfa769476430&KRTB&23031-58f19e0b-0c54-4c75-92e1-bfa769476430
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1731213324646008949&KRTB&23339-1731213324646008949
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:8aa96481-1462-4400-8d93-3f57fee2e878&KRTB&16736-uid:8aa96481-1462-4400-8d93-3f57fee2e878&KRTB&23019-uid:8aa96481-1462-4400-8d93-3f57fee2e878&KRTB&23114-uid:8aa96481-1462-4400-8d93-3f57fee2e878
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-2bebe3db9cfd47a8ac2b8aa57dfbc642&KRTB&23328-2bebe3db9cfd47a8ac2b8aa57dfbc642&KRTB&23427-2bebe3db9cfd47a8ac2b8aa57dfbc642&KRTB&23445-2bebe3db9cfd47a8ac2b8aa57dfbc642
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzM2MDO0NDI0MzAyNDEzMBbiM9R1jyov8DRxyiz3CcgHAPpND7wlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFmaGFgaWZibGoJADPOBXAQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzM2MDO0NDI0MzAyNDEzMBbiM9R1jyov8DRxyiz3CcgHAPpND7wlAAAA
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 10cwc1q2awmq
.gammaplatform.com/ Name: _aGeoIp
Value: GB|Lancaster
.gammaplatform.com/ Name: _aUID
Value: 1btffw02l5x9
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEJR5m0TcmJTjhhmbbbWS22M&KRTB&22987-CAESEJR5m0TcmJTjhhmbbbWS22M&KRTB&23025-CAESEJR5m0TcmJTjhhmbbbWS22M&KRTB&23386-CAESEJR5m0TcmJTjhhmbbbWS22M
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:6D58E35949B24D2789C3A33390EAEA17&KRTB&23489-uid:6D58E35949B24D2789C3A33390EAEA17
.quantserve.com/ Name: d
Value: EP8BCwGWKfijAA
.quantserve.com/ Name: mc
Value: 64811464-65daf-97bed-beb4b
www.themarysue.com/ Name: _lr_retry_request
Value: true
www.themarysue.com/ Name: _lr_env_src_ats
Value: false
.tribalfusion.com/ Name: ANON_ID
Value: alnseFtZdPuem7SpBnA8strisMuVhZcdRe724EnBpbXspHuGMrulrZdOP1YZaxnBSZdZcPKeckPAXixQVRFUNZatY6U
.csync.loopme.me/ Name: viewer_token
Value: 3aabb0b3-b5e1-493d-8e7d-d4ae08ad6ab3
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 73f524a5caad317d406213e19abdaaa2
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2afb57ed-1831-58d4-457a-ee0a70a51006.9%2B4dslblU%2F10yFviDDAq561eImM9zXc%2BMfbuDNTzNAE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%2BIs%2BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%2BIs%2BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3815
.ads.yieldmo.com/ Name: ptrt
Value: 58f19e0b-0c54-4c75-92e1-bfa769476430
www.themarysue.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2258f19e0b-0c54-4c75-92e1-bfa769476430%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-05-07T23%3A36%3A04%22%7D
www.themarysue.com/ Name: pbjs-unifiedid_last
Value: Wed%2C%2007%20Jun%202023%2023%3A36%3A04%20GMT
.adgrx.com/ Name: ADGRX_UID
Value: 11bd5a78-058c-11ee-88ea-707b7631d09d
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-cocU6rIfDxKupdjaYhSBZA
.bing.com/ Name: MUID
Value: 2B63332DE496670A15FB2004E5066677
.c.bing.com/ Name: MR
Value: 0
.criteo.com/ Name: uid
Value: daaff8da-6b31-46f1-b8e1-bec0601bf249
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1976306192160214603
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-10cwc1q2awmq
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1btffw02l5x9&KRTB&23446-1btffw02l5x9&KRTB&23465-1btffw02l5x9
.ads.yieldmo.com/ Name: ptrc
Value: CAESEDvLVLenCEaIvygX6csP0s4
.linkedin.com/ Name: li_sugr
Value: f08b1a86-e233-4950-aa0c-3bfce69b4067
.linkedin.com/ Name: bcookie
Value: "v=2&21b75e94-9ef9-43a5-8a60-f89f0d0fa707"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2657:u=1:x=1:i=1686180964:t=1686267364:v=2:sig=AQFKco16EIKx5Lq1PWXu6RuyHioexwY6"
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-dXFIYnJxRmduc0U3IiNdanQnFTduJxUxdyd-efm_&KRTB&19420-dXFIYnJxRmduc0U3IiNdanQnFTduJxUxdyd-efm_&KRTB&22979-dXFIYnJxRmduc0U3IiNdanQnFTduJxUxdyd-efm_&KRTB&23462-dXFIYnJxRmduc0U3IiNdanQnFTduJxUxdyd-efm_
.ads.yieldmo.com/ Name: ptran
Value: 1731213324646008949
.sportradarserving.com/ Name: zuuid
Value: a31de76f-be4b-49d5-bbc9-fdbcaeb58eb3
.sportradarserving.com/ Name: c
Value: 1686180964
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-KvtX7RgxWNRFeu4KcKUQBkLLcKI&KRTB&23334-KvtX7RgxWNRFeu4KcKUQBkLLcKI&KRTB&23417-KvtX7RgxWNRFeu4KcKUQBkLLcKI&KRTB&23426-KvtX7RgxWNRFeu4KcKUQBkLLcKI
ads.playground.xyz/ Name: connect.sid
Value: s%3ABJqKCBQJUCy1CUuBY9IBZY6_UtgrqLL8.QAcAPUnyCM8LTyR4ttf0sSiSVGOmC6LnLe2%2B9RpULeU
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7398971242702350507&KRTB&23150-7398971242702350507
.sportradarserving.com/ Name: zuuid_lu
Value: 1686180965
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1686180965
.lijit.com/ Name: ljt_reader
Value: Gx0oSQZHp0TGjVC4TkWPbU8_
.contextweb.com/ Name: V
Value: 1A8yxgyTLSBG
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1l16|5Ql.0.19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ef1629747c99e215
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-11bd5a78-058c-11ee-88ea-707b7631d09d&KRTB&23275-11bd5a78-058c-11ee-88ea-707b7631d09d
.lijit.com/ Name: _ljtrtb_42
Value: 19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
.zemanta.com/ Name: zuid
Value: TEgykCnCr3EAGYbxX1zk
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2c3b
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDdOMzUySTRNTkxMMTY0TzExMDMyNE41tExMSklMTDRiAIKURpFUEA0FAFRhCoM%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIaRRJBVJQAAARXgFf"
.themarysue.com/ Name: panoramaId_expiry
Value: 1686267365681
.themarysue.com/ Name: _cc_id
Value: 73f524a5caad317d406213e19abdaaa2
.themarysue.com/ Name: panoramaId
Value: 6dffec24893774f457d9e9136661a9fb927a8492cbb17d19d8a60140b56c96fa
.nrich.ai/ Name: _nauid
Value: 712bd63c-cb28-4d7d-ad31-63c1faf80437
.smartadserver.com/ Name: csync
Value: 107:19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da
.adform.net/ Name: C
Value: 1
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-4f0664f5-7787-47d1-8469-677d4e269b7e
.adform.net/ Name: uid
Value: 7694876445673813675
.pubmatic.com/ Name: DPSync3
Value: 1687305600%3A226_201_245_197%7C1686700800%3A248_164
.pubmatic.com/ Name: SyncRTB3
Value: 1687392000%3A35%7C1686960000%3A63%7C1691280000%3A69%7C1687305600%3A254_8_214_209_46_3_176_71_107_231_179_56_54_238_5_247_234_165_233_204_99_7_13_96_220_21_22%7C1686700800%3A223_2_15
.lijit.com/ Name: ljtrtbexp
Value: eJxdzjEOwDAIA8C%2FMHcIUGzo16r%2BPWrahYwnWbZvySGXIuk1Ajik2J2%2BObqp3ZHLMDv1tX19YAZXHt1l2379D2CgA88EeaMg4A%3D%3D
.dotomi.com/ Name: DotomiTest
Value: 1ec747a0fe53209c
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7694876445673813675&KRTB&23263-7694876445673813675&KRTB&23481-7694876445673813675
.bluekai.com/ Name: bku
Value: ikG99sRDQVEOyxQ6
.bluekai.com/ Name: bkpa
Value: KJyWyB+rQM9R9mY73jzbdTgrhi0toSURz3yg2/8EcWsj9D0ZEf2F1d5n+ysXwUhI2KlHIB4UxWzbR4XA0F3FtnbcN5uNdUEXVjqcMw9J9D49bIlXsoFNrf+UTNv+Z2Xf9FbzrtkIMx6YU+IKlPeNYcCElV8NNxy/m1vXHjCaO9v8R0SxHq8liQoj1/aj3OlxURZEba/D3S5Y7HbLheMV7CU7HwAbEW6SsobxpvSkigVUsdORcFaukWfoiJ+9CiqxVH7TujMbp+gzWD2/RaGEAHYyruwKmS1tliLkGX/UrXp/f21k+GGZHembBtoNqHdEXKBd9clhPL6=
.openx.net/ Name: pd
Value: v2|1686180961.2.3|lYvOiajEiuhI.uIjIvGlQkalU.vysnrAkqvHsP
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004%22%7D
.lijit.com/ Name: _ljtrtb_27
Value: 58f19e0b-0c54-4c75-92e1-bfa769476430
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMRmaAg88z8gNT5AVIAAAAAAA&KRTB&22713-AAAMRmaAg88z8gNT5AVIAAAAAAA&KRTB&22715-AAAMRmaAg88z8gNT5AVIAAAAAAA
.ads.yieldmo.com/ Name: ptrunl
Value: RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
.blismedia.com/ Name: b
Value: 648114676D5BD1093727CB27BLIS
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1686202567653
.lijit.com/ Name: _ljtrtb_76
Value: 5cbbbfc7-cfea-4c7d-b6a1-84c6f3dd1da4
.rlcdn.com/ Name: pxrc
Value: COeohKQGEgUI6AcQABIFCOhHEAA=
.amazon-adsystem.com/ Name: ad-id
Value: Azh5hBEG4E3-prujQn3Fdpo
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicHVibWF0aWMiOnsidWlkIjoiNjVCNTUyNDEtNzkxMy00MEYxLTk4NDEtNjE3OENFOEQwQkEyIiwiZXhwaXJlcyI6IjIwMjMtMDYtMjFUMjM6MzY6MDcuODEzOTk3NjM2WiJ9LCJvcGVueCI6eyJ1aWQiOiIwOThiZWVjOC05Y2MxLTQ1OTktOWE5MS1mMjc1MGEzN2UwN2IiLCJleHBpcmVzIjoiMjAyMy0wNi0yMVQyMzozNjowMS45NzI1NDk4MzhaIn0sInNvdnJuIjp7InVpZCI6Ikd4MG9TUVpIcDBUR2pWQzRUa1dQYlU4XyIsImV4cGlyZXMiOiIyMDIzLTA2LTIxVDIzOjM2OjA2LjkwNjQzMzg4NVoifX0sImJkYXkiOiIyMDIzLTA2LTA3VDIzOjM2OjAxLjk3MjQyMzMyOFoifQ==
.lijit.com/ Name: _ljtrtb_92
Value: 1731213324646008949
.lijit.com/ Name: _ljtrtb_97
Value: RX-af6c42ef-39ec-431c-b6ee-8b3073063fee-004
.w55c.net/ Name: matchpubmatic
Value: 5
.pippio.com/ Name: did
Value: bq-qs7JGHjLCE-j1
.pippio.com/ Name: didts
Value: 1686180968
.pippio.com/ Name: nnls
Value:
.bidr.io/ Name: bito
Value: AANsPk7JAikAACFAbFObtA
.bidr.io/ Name: bitoIsSecure
Value: ok
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:DrvZez1X1Q72Hd5&KRTB&23421-uid:DrvZez1X1Q72Hd5
.pubmatic.com/ Name: PugT
Value: 1686180968
.w55c.net/ Name: wfivefivec
Value: uPD9hfEq1Q72He5
.lijit.com/ Name: _ljtrtb_85
Value: AANsPk7JAikAACFAbFObtA
.rubiconproject.com/ Name: audit
Value: 1|eJhHCwpXIMU+eBiM8DG4kWuer0u07q8XQkuI3MbXMelrLxq/6nQ6FR9sTbwnxfwoT3+mJarFEQokEa5N2k7U1SEEFoCDRlfYBn0LdTvpHNwhd3BJ9Iks+KfGnvA7ZeXhX1vKT1ONdRY=
.pubmatic.com/ Name: SPugT
Value: 1686180968
.admixer.net/ Name: am-uid
Value: dbb997b9a0094362bdaac6a8db9530b9
.w55c.net/ Name: matchopenx
Value: 5
.pippio.com/ Name: pxrc
Value: COiohKQGEgQIAhAAEgYI7OsBEAA=
.lijit.com/ Name: _ljtrtb_83
Value: LIMCLUXN-28-LG0C
.id5-sync.com/ Name: id5
Value: aa3c4797-5a2a-7c43-b92e-99308d88fadb#1686180968420#2
.lijit.com/ Name: _ljtrtb_80
Value: LIMCLUXN-28-LG0C
.linksynergy.com/ Name: rmuid
Value: eaf3497a-e89b-4704-bcd2-9e1feb432b91
.linksynergy.com/ Name: icts
Value: 2023-06-07T23:36:09Z
.rlcdn.com/ Name: rlas3
Value: 8W2K2e6YRPsY8Jh48i5ND1gr5hdfCBhl0mDnU45q60o=
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi0rdXXv-7zOxAFEhYKB3N2eDl0NTASCwi62Lndv-7zOxAFEhYKB3J1Ymljb24SCwj82Zniv-7zOxAFGAEgASgCMgsIzoC1w9bu8zsQBTgBWgc4aDl1MTFoYAI.
.mfadsrvr.com/ Name: tuuid
Value: e96e9413-9031-4b8e-879c-7f81656eaa36
.mfadsrvr.com/ Name: c
Value: 1686180970
.mfadsrvr.com/ Name: tuuid_lu
Value: 1686180970
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.lijit.com/ Name: ljtrtb
Value: eJxtj8FKRDEMRf%2BlawNpmzaNu%2FJgRBlHEYTZNmkLMkufK%2FHf7XPtMoec5N5vF9jdu1Sml4EKaImAjBNIGB50Ns5CnCmiu3MF1%2B758Xk7v18vEAqcH3BbXMLinqMPPsZAmTJiEZJDif8rJS1e6%2BXz9cZP9eNW63aqenrRvR4Hj1BvV2gzG4UxIcowoOgNNI8BRSNyxBznGhBpKfSXQWanaAitaQLiHkASCfBATNjNmg7Yv2xXbiK9LY%2Fz0d9UdRqDzdGO%2Fn39aR4KWZ6xd98buZ9fuFVMKQ%3D%3D
.lijit.com/ Name: _ljtrtb_58
Value: 65B55241-7913-40F1-9841-6178CE8D0BA2
.lijit.com/ Name: _ljtrtb_71
Value: 65B55241-7913-40F1-9841-6178CE8D0BA2
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: e1647362-0122-549f-a994-5a0ecd154e64
.betweendigital.com/ Name: ss
Value: 1
.mfadsrvr.com/ Name: ssh
Value: !taboola,1686180970
.betweendigital.com/ Name: ut
Value: ZIEUagAMa7BpGEU9eYU6IOrDRswpFcW19kPl7Q==
.id5-sync.com/ Name: 3pi
Value: 464#1686180968874#355063458#19fd43c0-aab5-47d2-9549-7e0050dccabe-tuctb7a99da|2#1686180972613#1031656633#1731213324646008949|3#1686180969645#-942878648#8aa96481-1462-4400-8d93-3f57fee2e878|264#1686180970266#1571337117#58f19e0b-0c54-4c75-92e1-bfa769476430|10#1686180971108#-773639660#7694876445673813675|108#1686180971861#-1865209670
.adx.opera.com/ Name: UID
Value: OPUf75977200c6f43329a611f24e190fd63
.sitescout.com/ Name: ssi
Value: 2c43c52b-8016-462a-a7c8-b819e09b1d64#1686180973130
.sitescout.com/ Name: _ssuma
Value: eyI3NyI6MTY4NjE4MDk3MzU2NH0

4 Console Messages

Source Level URL
Text
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.rundsp.com/redirect?ex=openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY4NwE4MDx1NlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTEjMwx1JaN0YT0jJat9MmAjJax9MTY5JaZcZF9jYXNmRG9gYWyhPXq3ql50nGVgYXJ5p3VyLzNioSZmqWJJZD13q3phqGuyoWFlrXN1ZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZmZGg2PSZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM2MxQmMDM4NUYmMDMlN0Q3QwpmMmEmNmMkMmYmNmM3MmUmNTqEN0I0MmM3Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1NmMkNwt2MmZFNxM3QTY0NTp1NTp1NTxmMwM5NmQ3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmOTMjN0Q3QwU5MmMmOTMjN0Q3QwY2MmE3RDqCNEMmMTMmMmEmMDMkN0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTYlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkNC4jLwU3MmUhMTA2JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NDtkMTQ1NmyvZDUkJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2ODYkODA5NwEkNmpzqWyxPVNyn2yhZG9TUGkurWVlNwQ4MTE0NWQ5YwJzYSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyoWFlrXN1ZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9nWyk
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://pixel-us-apac.rubiconproject.com/exchange/sync.php?p=yieldmo
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.pub.network
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
analytics.google.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.floors.dev
api.intentiq.com
api.rlcdn.com
apsoutheast-match.deepintent.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bk.r-ad.ne.jp
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.pub.network
c1.adform.net
cdn-ima.33across.com
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
ce.lijit.com
ch-trc-events.taboola.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cmp.quantcast.com
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr-p3.ladsp.com
cs.admanmedia.com
cs.media.net
cs.nex8.net
cs.r-ad.ne.jp
csync.loopme.me
d.pub.network
data.adsrvr.org
de.tynt.com
dis.criteo.com
disqus.com
dps.jp.cinarra.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
dynalyst-sync.adtdp.com
e-jp.cmcd1.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
esp.rtbhouse.com
eu-u.openx.net
eus.rubiconproject.com
f54f92aefebc3673d9f8c359769e7dd3.safeframe.googlesyndication.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
g2.gumgum.com
geniuslinkcdn.com
geoip.gamurs.workers.dev
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ipac.ctnsnet.com
j.mrpdata.net
jp-u.openx.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.rundsp.com
match.sharethrough.com
match.taboola.com
mb9eo.publishers.tremorhub.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
openx2-match.dotomi.com
optimise.net
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-apac.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pm.w55c.net
pn.ybp.yahoo.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
r.skimresources.com
resources.infolinks.com
router.infolinks.com
rt3006.infolinks.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.skimresources.com
s.tribalfusion.com
s2s.t13.io
sb.scorecardresearch.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
skisofa.com
spc.themarysue.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
stats.wp.com
sync-amz.ads.yieldmo.com
sync-dsp.ad-m.asia
sync-pm.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync1.intentiq.com
t.adx.opera.com
t.skimresources.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
themarysue.disqus.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
v.clarity.ms
v9999.adv.admeme.net
video.primis.tech
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.themarysue.com
x.bidswitch.net
yieldmo-match.dotomi.com
ad.360yield.com
ads.yieldmo.com
analytics.google.com
ap.lijit.com
apex.go.sonobi.com
b1sync.zemanta.com
bidder.criteo.com
btlr.sharethrough.com
cdn-ima.33across.com
cm.g.doubleclick.net
cms.quantserve.com
cs.media.net
cs.nex8.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e-jp.cmcd1.com
g2.gumgum.com
grid.bidswitch.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image4.pubmatic.com
imasdk.googleapis.com
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
match.rundsp.com
onetag-sys.com
p.rfihub.com
pixel-us-apac.rubiconproject.com
pixel.quantserve.com
pixel.tapad.com
pn.ybp.yahoo.com
prebid.media.net
resources.infolinks.com
router.infolinks.com
s.amazon-adsystem.com
s2s.t13.io
secure-assets.rubiconproject.com
secure.adnxs.com
ssc-cms.33across.com
ssp.disqus.com
sync.1rx.io
sync.adotmob.com
tlx.3lift.com
tpc.googlesyndication.com
uipglob.semasio.net
ups.analytics.yahoo.com
www.google.com
x.bidswitch.net
103.229.10.247
103.229.206.240
103.3.63.48
104.16.123.175
104.18.11.47
104.18.20.206
104.18.21.177
104.18.25.173
104.21.76.254
104.22.4.69
104.22.52.86
104.22.53.173
104.254.148.252
104.254.151.68
104.26.3.70
104.26.9.50
104.65.228.208
104.69.166.9
107.178.254.65
107.23.98.28
108.177.97.100
108.177.97.154
124.146.215.43
13.107.21.200
13.107.213.71
13.107.42.14
13.213.158.5
13.224.153.155
13.224.167.17
13.224.167.49
13.224.167.7
13.226.120.104
13.226.120.66
13.226.121.109
13.228.126.19
13.251.138.231
130.211.23.194
139.180.203.10
139.5.84.243
141.226.124.48
141.226.224.32
141.226.229.48
142.250.157.102
142.250.157.148
142.251.12.103
142.251.8.101
142.251.8.132
142.251.8.157
146.0.227.110
15.197.193.217
151.101.0.134
151.101.1.108
151.101.129.44
151.101.193.44
151.101.194.49
151.101.65.229
151.139.128.10
157.240.235.1
162.19.138.118
162.19.138.120
172.104.45.159
172.217.194.94
172.64.153.246
172.66.42.247
172.67.70.134
173.194.174.154
18.138.18.111
18.142.188.55
18.143.30.9
18.176.234.133
18.177.11.95
18.177.128.84
18.177.86.134
18.182.162.148
182.161.73.129
182.161.73.136
182.161.73.146
184.51.96.11
185.84.60.20
192.0.76.3
195.5.165.20
198.8.71.130
199.232.192.134
20.114.189.135
203.195.121.141
207.65.33.78
207.65.33.83
209.191.163.210
216.239.34.181
220.150.223.50
23.106.127.38
23.106.127.39
23.106.127.53
23.108.98.2
23.202.140.104
23.39.5.30
23.73.13.34
3.0.235.178
3.114.50.162
3.120.3.26
3.120.85.171
3.221.215.100
3.222.109.236
34.102.146.192
34.102.253.54
34.107.140.113
34.111.113.62
34.111.152.239
34.120.107.143
34.120.155.137
34.120.157.206
34.120.63.153
34.160.128.112
34.160.152.31
34.249.124.14
34.96.105.8
34.96.70.87
34.98.64.218
34.98.67.3
35.186.193.173
35.186.253.211
35.190.39.111
35.190.59.101
35.190.60.146
35.190.91.160
35.201.67.47
35.208.249.213
35.213.117.18
35.213.12.39
35.213.93.179
35.214.239.95
35.244.133.240
35.247.47.28
35.74.46.191
37.157.2.234
42.99.140.216
50.116.239.135
50.31.142.159
51.68.39.188
51.89.9.253
52.198.69.30
52.206.38.106
52.206.96.191
52.220.229.2
52.223.2.229
52.46.128.147
52.59.86.212
52.74.118.249
52.77.136.156
52.95.126.160
54.169.214.108
54.192.18.24
54.192.18.43
54.192.18.65
54.192.18.66
54.192.18.68
54.192.18.72
54.192.18.94
54.230.87.112
54.251.167.151
64.233.187.139
64.233.187.156
64.233.188.154
64.233.188.157
64.233.188.94
64.233.189.101
67.199.150.82
67.199.150.85
67.199.150.86
67.202.105.32
69.173.144.139
69.173.158.64
69.175.41.15
72.34.250.75
72.34.250.77
74.118.186.107
74.125.203.132
74.125.203.155
74.125.204.97
74.125.23.155
74.125.23.95
74.214.196.131
8.18.47.7
8.43.72.97
80.77.87.163
82.145.213.8
89.207.22.76
96.17.72.26
98.98.134.242
0023fe796f876b200853150cea24da176e1c678bace4f57f2b6441f1a48b9a01
0200f94555b8f6f1f267dbe099845cf76703edfaa3be2d243e86b28ee5b8d84e
0274073365ee4a4041026472c153663a506dc8089290bb5250381136453b23a2
03abfd076212cebce56f4412b7ead27ebe8cee717ee1b1e1874536e4863a0dfd
0574bfc6752d1e08fa45ab016bd2ed8a1dd4dc7625ee6f93f993f256d8534d4d
06b53a0a001fdccabc7ff5af0ce8aaccbdbb31b9636a1520ffc2efc30cb121c7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a7468c8590db5b9d0bf5301cbe0f6ab2825cd7425b8afdf0fc1f219cddfea50
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eb9b1b5acb815d19f73c2983fe9d764d3df184aabd4be90271aa7c4d414f743
0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a
102cf10f68199a2015a7df02a3572d9ceed53e9b4cbc59f64e01b7eb036ca161
1056a5fff8f946f9bee4b3a6fc74b97bf16efea6918ec5519284f21c34742407
10b47b8eeca38f6f6bf0c112214328af5dfd8eba80267eb67752309e1ea538f9
11aebad347d3ba414c78cd7a625500531a41752645d7199d8b061aafd7eb3800
12906c08b2ab7235c4db60f8f6ce9d99d8e1a7c015fbe421da46ee8036a5dc88
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
17b3b02978b6ee0a0686d0d344c8b1ae61167f5d33d177d3b0ac9034b96f08f1
17e89d0e1e11fa204211ce2369bcb6fcf60231dd7b3eebb587e0225865f6aefc
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18ce73088c3f5ae82204fb7443b1e6c57848d10a19a0f2ba66e1580f7e917df7
1a74a25207b1bd5b449f7215397c1f62f232047e55c489220ab379c3a4fbcf20
1b9b0824b3e8129287b1654c22a44a84231b5f9c0af2f629a34edc59ffa3cf47
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1f8811e68087a164af866abf95ab58e46f1994a531fdd1436c3c6719af9d52c4
1fb7414684938ff8c8651cbf9d992a611eeb5c4375ea7ae85249f6154a1b3f6b
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2492bcc7bae107dc5da3fc7321926478ddc8c529af9d39313b47ac3ff5cd0839
24ac4fb5d794709ca627c0d203be04a40e9748c3741a1166352da03dadf357db
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
271c6f572ec8b76041ea2528755c76657f6549804809eb16665fafce26776125
27e29a5aebbbc2d82b6f7d9dbbf03ced7ecaf592adf68338a02aff332b3e7bd5
28058f974e5807bfbb316a68d4e32b9d891b9a7eefdd834dd8d52f7bdbb7a261
29d5eaa5e682bd83e5be4a891ad375e8fe81430bc624e1781e8b0e18c0d71f84
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ced95a0c01b2b2aaecf85d4b87f4889d2fa7dfba19529f2ab1e3a595baa6615
2d3954c57cf0a57df9be762e14392c00928723fe3f09d90474869dc6a557170b
2db32246ca38d6c5a7597f3814cca49f36314dbd59f8d76e0faa0e705765b164
2dbe17826f6d28917c939c4536dbabfd21b6ca7cfb7a23243004540318054109
2e9608f86820119f4d9c3a72ac4846a2da964852e907a6d515486505b9c9f109
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
31366e9c8e93d9f0f45d4a5df46a107f12155eac05a9359f8fb24e93aa520f66
313fd9d24cb57f0ce7025317eac48d7c8eef5d10f51946be7871222d8b31b5b1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a4699dd3c9523ded43a1f385da54698cacc6cb4fb723110c3343a36586a478
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ca3c7aa04c170cfdec60d7b33ea73c700b1d8c41f949a7f356f1053ca5f2e3
377a07f62e2c691df4f852ed4faa53989b67d68b4b820efd25edf4ce120e6be0
37cec64dd5d422626abbd488519396484861135408333052edd5bb54b42c6e2c
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b48a96e9d49029a8d30ce34701523882f5e1ef3d5a5c7a39a9de61648c4e27a
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3cc8113388165e2e9de5f3f654671d060e38b3e9664ce0e3b5462967e49e8f71
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fefd1d90e917e50ded65a353f957caaf3d0c4004032a5a74cb54330c8f0fb03
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43e6486fb6fd2c4044bb2282bd4a64bb6d70754a96564a94a6937c0ca9f4c85c
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45985eaab0c2d85583037e7a36179979093d58837c387191f70df57eeb0f4436
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
468cddaa841356f65c872dd19b5c49491a45dcf1298d35e0c44bd44df6309ec7
478d2d27228672fdef97e922667ab897994659a8726f2eb7a1da985a04a9dd4c
479d76daa1f9f5f5c296772971d7ce04c37f14f1f5dd1e4660080df06fedcc7c
488a014ce40c23d8f6dfcebefe00201822f5c61e247a6fdb20a48e9aa9c317a4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f0269de5946fa220a87399a38d303442780c041af4edde7d87185a8b6cb630
4b69b365cced8c4dd0064d7a47c1bee3829c55614b85835e2fbd49772961b34e
4d8b2734636064d1da77981f467e1130e72b6da8ae9b0321c164eb2931c93bf8
4db089451cb586a8152e12c08d577bd6c96f8b96332aafe0f2416099ad584147
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50749f7e20f6a9c3c20081b9e0daf61c2ac73a17f3c33e4ba7ae785b8ab84e19
513aa90db2d234ffd44cc6e4c013b0d8330bfd9d9ce5ea4209f78f354dc1ae9a
51921e697ea16e4fd7897e059618589e8fddf9e809a6feed4e297f4a096d4d71
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188
52e69b9024342fbbf28e39a8c5c782e23afe56fbf52ed7cead677f115cb09d03
5389ea3f0c269b93f5d776f5ac7a1d405cff280ac626112f1b5ab57e1a2c7cee
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5567ca4190d1fcb325270d4d0ee731e7844452b8229716befe2f5d3a7ff4dd59
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9
57ba1eaad0ead52d21b87c96d6e6068dd411de7f25644fde41bc9cec67fb36df
587e445d456151f894f68dfdfebe48658a830033aeed3c33aa2ed32c802add0e
58f6577983f9f14ced8a2a6c5cf8451a12e5038052bbae04915e7d28287e8a8b
5a1cebf3da1285ff528af1a8a6e282846bb9a7de1c5426940047558d0eab242a
5bd1afe48badcdaa4aa7fd4d677fe66d7707de0f893cc21f060364f8f783ebda
5ccccd60aaf75f80ee6b89018de71a08c58530ca0beda7d7895f0ba8d43d542f
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5eef148f8a76811b9226ca7e1bb41ce62e6330cc7e47c019cbf4a2829bd95956
5f7a6151c57eca4de0be4459845f26d13a6fde8ea493b3336be8b9de60b01f50
5f81683a6e71deb2fdab7899bae51d7d6a80990ce79732a91f188bc1e2226f81
5fbf392dfa3a16530db69a8c737df22ed13fe8d9a61922f23e8faefae772b63b
6098eddfb09532d928ec2db39825491011b6962805ab11bfc71efbc82a00a0ad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ee6ba688bebe173692917d9474e35c90079186a0d8c46378d90a9df922b01b
636f770fef14b2e16ad04545da1c9a975ce772225e9a391752938da85221c490
65feb1fa0bd67920dc1030b8fb8ebff3b6680a861fde3462c37589d820f8e06a
660513d2ed759c4f8784d2199701aaf66bf46c0a21771d9b568494914d9a11c1
6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4
6a3c485c4e77adc192070ea1e25042764c787a37bb96d9f7c6a467046378a950
6e2748f46e001d6d5178c3e96dc924975f6e6b7b590b48e7b7103af42605bdcf
6f36f481995afd3d769b347c07cdf70f9e4e7c21a50591863b0950a78d96bcdd
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7374a169b675ad5c3ac6167edda9c8fe05fe5315b6728815db2f091cc7712af6
748a13abf546345cb680e9cb28c67c028d2d8be6a16c1d585538700daf2a9f77
77b14edfb6060130031fd81bebd44be6a5627dfe1c33b929841a8eeed15de12e
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c5f155e922a4d87965c4fe27e22d49eaf27db97becc7fbce288fd01390c651e
7e035885f253b73836d41088415cc8c467e43385ca3452b111431e6ab76f990b
7f8089e9d4cc8559bfadd1795f5e809f1605333d3510e69ea78d6d218d09cac8
8062317f6f2f91e260868f04ff72ca4a157a0205e9d15d4a89ef6885ab85f313
81122c73a1caee155bd6b5a80542f93a8eedf2e9ec43c00d1eb87256f023557f
812bcacb6156e72a91fec76b30e2c6e909513a3038b28ff0680f7cda837cd9e8
8173b15a0f6219d6cf1a08f275371486a000fdecaff281eff56775acbadd7d4c
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82f7144c37ea35a887898f157dcbde8856402ff29f7aa9046e1bc0065dfdf9c5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837991c3f4e1d70598da8342bc7c977d8c51b7312986911c52ab17168d9c6978
83985e5a86d1aff0f10552f406ed13bc024bb32be3ae53afeca953cc4f8436b8
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
847c0e8023ee775b9b8c37696a6142eefd845e85ed79b3e8792488428918fb7d
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
862d7bc68e1112808a64535b45bcb0ac807938f57462b3c1c6ef8b3db7f8e558
8764cc83174a49899d0059393a7cb7514c20ceff2f2ab65e899c15bf14e12cfe
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
884bdaf96274b018bf30d2c8229d58038b47fbd093c70014bd39471e11771978
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cf723039218f1b738bcc54f8afa08788c40c4a6ef6bd2db8fc309cac2dd42c5
8ff594557d15818d0407c52a3b2c3ea8e48e92b950211cfaa3e40e033a93cdd3
9046bb9a490adba8200cb041da51eecb1354ceda4435f0a112e33a341bdec6a5
922acaca7a81f52e4c66c3ec12b49d94c167691edb3edc938d3579c7d79052f4
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
97595534b3283ef241a59192b1a4ccf1a78e558116e38f43f7daa138d4f0d8ff
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7
9beae38cf0d5dd2765495575ea4c8692930138336a9edf9db503c64ed1b15eb6
9e60c758712370d1339592fdbc4596bb067a52cd5f0b91f2f9ff07a447dd6839
a04de327f0c9763d3a4000c84843a306d17209411f535fe50bdb616fcf7c0fca
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a555823107bc6017c4e13df642b17ae7744314e6de998457d51242be5d742947
a6505af4c3200ee18e4dc4d1165c3a819d03bfd1ea75f643286c3a15728e40c7
a677b9a9a4b9a78e56f6886b9fc7ad9c334d74f028af62f8af3f7f78ce43ba6b
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
a705334a42da65a584f56fd798ca6857c5051ef26d47b47258ff307327352433
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
ac2bb961b3dcba3db82d4e2415b4c4dfe64b01377199544001cb422e6701fbd0
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae4a6284cb069a61bfb009aa344c25cfe17c0bcbfc1d393e73423ec4f9d93186
b1058a0345413e10b5cf8d9e67ec1e49b20fe8fffa1069c57923680c390f39c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ac5b7c82a6dcbc2a4f0865a3040cf46ae6140ebbdcce9f803276f371e3fd6e
b2d85ed824caa2d8cae5f67a7a53e65307cde09a44f5b971b16446a159ae2dc3
b3428115ed91c7b00cb2556fe74795d845888f8d062a8ef09ed91eec8fe53fa1
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b471af61c17904e86fb5b9441dd07dc8b8e52b506347b1ac8ead354f00d7880c
b73a648418381a7bf2109d898780e9b7bebb0556276a97cbb7b2faf33bd88cca
b8dd39c40d4ea73bbd62534ea9d62f841178a98fdcdc2414054aefc6eedb0671
b9d5bc0cac630a6709cbd15b428c473e70c841e3a8f153fe56ad5bf8e44f089c
baf5b344817ef171fc66610b9c71234a846d1d6478f104d0e1c99648dc704732
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bd37af5d06c7cfa3bd2ed941f6f517a82a6ee73aa6dd2c6b7f5515f2e02f1dca
be899b7417db0f9825de178ff0c0b87ef18aa0e0d0eeb36932edf51b5522e2eb
bfb44e64160dab670f43ea06ca5a521b1311d3e54c1ec0fb61e147e9baf68959
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c45c402718b4d787974c2cf196f8c58c241aca5aed29b9f11230ef45058fcdc6
c4ff817554e681ecd03bebacdfbf468b2b9f551e75ac0d3dc95f4b813debcc87
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc30b78a814c2b12a7524cb064a9093e82819b7a1a9ae7b1a6eb7a41cd8c201e
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1
ccd4e2f238bf99930a6caf266392f615313332e104cc8aad0d5b1d9cda67c625
ccd86a7f3034f6800e6ff69b4a3fb5d625b12eefdb5e86b9bbfc19348ffb3e57
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcd9204a747a9511c39523465ce83fec9493969ccf85ff9bbe08135a8f13610
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d14b42d1554f1533617534ed5c4428f5a156d6601eb2f0ddfb9ca75a70243815
d252564dd4773891ad02e9a9a42cc9f2d5a13f6225bec09abc35300b4eb63849
d323b8d8ed7665b86dfb228a3a47c0eb479dfec96f8bc0e89748495a305f2aae
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
d574b79c184bf85347d89dcd8ea62a6c42cfb15b0b6eeee60fd5dc447d9ea75e
d640c052242a5bc13404627dd9d603d7b416a519eff053c2d00613ad85362e0c
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
d7ebad1eec9e3f68ff5bf627aef8e75b74f7507fa08154a9725de5836add2a69
d8566fc80a8251c20b95630e0e2dc4fcd6cb5b39767881cc5ed2148d17c95fd0
d8adbd06bdbeeca21b06b2dc74bf314f6197af2cc642b251fcdc9e9c5c559bc2
d915b34fadf8ef9ed51cbed1cf5dcbceac1495bdda4e1861b918b260f96fce1f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def7c03fe706641bd1deb6d06658d2e525efc076c0319ce68ea15cc743e8c7f8
dfbfafbecf02813a4eb85f10ab914df8f6eb500e0b2adef7465b6469eda7572b
e1d7e170cc51717fbf416a2aace920766635d079bb0a31612dd3327f03271fb5
e22ffb359cda4efc6dddecbc7fd320b307dc1b889803353370a7c9a1b45ca4c7
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e29b67c2fda447efc481e7301f92f8a98281d599453b5ece43081d2dbef0586a
e3402ed1d57205e89a09d2fe6321dfa7e7524434c6ec004b7cd95672ab9118a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f5130c846dd2b8362310a320f23c7f7969ac5cc50143e5d39ec4355a498597
e461b281292f9c0a421c3773dbaa82d534a534de4c7b93ade129306f9aec625a
e4652142ac6c845f6c2a46716340a3079411bdec085c9f942eefcb0c07d38c3e
e51a422946d39c99edfbc932f58ad6a1fa613f32019e5620a980f05d82eff7cc
e52f66a7aa63b5c67524ffb9825091c5393756d74f0dda85f9f3005e07d22b40
e5455fe11eef6ea9da6fd8b89ec7d0376cf18b8d863a31fd6f4e13225055049a
e60488e39acd8955e9dd3c61968b7d74dba47a4c742308bbab55bbe58754caf6
e620d194e248dc3e3f5ec6b9d2a197ca7adb211b026174d050e440999ab30dd8
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea042591aa1928ceb6f83aed96f62e0d9846b522d0b480020a6465dc49eac285
eadd2bf84cd263e2da1a3f5bd9fa49476a3c2ddeb44f33efed99b9a1ec637e6e
eb062af82452b05dcb696e09379e176b87ae3e4bcf46191ffbcdf6638d131ca9
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4b1151607bd8d019960f0dbb936979159dae5b182012c4b5396aacf651c6bf4
f59e88800776de514430fd9e95b369fff9497bf6d2bcb9382e4f6604ecbc66da
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67f8989c56fc2fe1f221784c33790994da31783ed55ac3790f5b92c54dca78f
f6ee4906a3f8c725d01fc9669abb7d6eabf2e6ba394811b97afdf570d9a76ff4
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
f9fc63faae946021e5297a1ca959ec9657ecf0040160143eeb1eeff07aedc3ca
fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65
fa4fd81992bc3788f9d24635e6f2e94c55f04d0ed19a8fcb2c5a3729668927f5
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe5b2cfe6d89a7451bd795b5294b49ff42fbe6a1612910d9d71b2bbcd8022d04