urlscan.io logo urlscan.io
SecurityTrails logo

www.turtlediary.com Open in urlscan Pro
13.35.147.107  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://turtlediary.com/
Effective URL: https://www.turtlediary.com/
Submission: On September 14 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 12 countries across 112 domains to perform 471 HTTP transactions. The main IP is 13.35.147.107, located in United States and belongs to AMAZON-02, US. The main domain is www.turtlediary.com. The Cisco Umbrella rank of the primary domain is 276368.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 22nd 2022. Valid for: a year.
This is the only time www.turtlediary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.210.100.196 14618 (AMAZON-AES)
14 13.35.147.107 16509 (AMAZON-02)
4 142.250.67.10 15169 (GOOGLE)
1 142.250.204.8 15169 (GOOGLE)
17 13.35.147.81 16509 (AMAZON-02)
16 13.35.147.63 16509 (AMAZON-02)
1 142.250.66.202 15169 (GOOGLE)
3 104.17.24.14 13335 (CLOUDFLAR...)
6 44.205.53.163 14618 (AMAZON-AES)
1 69.16.175.10 20446 (STACKPATH...)
7 104.18.20.206 13335 (CLOUDFLAR...)
6 142.250.76.110 15169 (GOOGLE)
4 172.217.167.67 15169 (GOOGLE)
3 34.160.63.134 15169 (GOOGLE)
13 34.160.152.31 15169 (GOOGLE)
1 3 18.67.111.113 16509 (AMAZON-02)
4 34.111.152.239 396982 (GOOGLE-CL...)
2 172.64.144.166 13335 (CLOUDFLAR...)
2 8 142.250.66.226 15169 (GOOGLE)
1 1 104.26.9.50 13335 (CLOUDFLAR...)
1 104.26.7.139 13335 (CLOUDFLAR...)
1 104.22.53.173 13335 (CLOUDFLAR...)
4 104.22.4.69 13335 (CLOUDFLAR...)
1 18.244.214.125 16509 (AMAZON-02)
3 130.211.23.194 15169 (GOOGLE)
2 172.67.69.19 13335 (CLOUDFLAR...)
2 142.250.204.6 15169 (GOOGLE)
2 34.160.128.112 15169 (GOOGLE)
2 18.67.111.81 16509 (AMAZON-02)
9 24 13.35.147.78 16509 (AMAZON-02)
5 182.161.73.136 55569 (CRITEO-AS...)
16 29 52.84.251.19 16509 (AMAZON-02)
3 6 103.229.10.171 16509 (AMAZON-02)
10 12 35.71.131.137 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 13.35.147.111 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 151.101.193.229 54113 (FASTLY)
1 104.22.52.86 13335 (CLOUDFLAR...)
1 182.161.73.129 55569 (CRITEO-AS...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 13.251.250.53 16509 (AMAZON-02)
10 34.107.140.113 396982 (GOOGLE-CL...)
1 3 35.227.252.103 15169 (GOOGLE)
3 54.251.110.142 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
15 22 69.173.158.64 26667 (RUBICONPR...)
3 162.19.138.116 16276 (OVH)
2 8 35.244.159.8 15169 (GOOGLE)
2 2 202.241.208.55 4694 (IDCF IDC ...)
2 2 13.35.147.69 16509 (AMAZON-02)
20 36 172.217.167.98 15169 (GOOGLE)
1 13.35.147.15 16509 (AMAZON-02)
11 142.250.76.98 15169 (GOOGLE)
2 18 142.251.221.65 15169 (GOOGLE)
5 18 52.223.2.229 16509 (AMAZON-02)
2 13.35.151.131 16509 (AMAZON-02)
1 3 13.107.42.14 8068 (MICROSOFT...)
2 6 54.169.195.178 16509 (AMAZON-02)
1 13.107.21.200 8068 (MICROSOFT...)
6 13 35.213.12.39 15169 (GOOGLE)
4 4 35.213.93.179 15169 (GOOGLE)
3 3 182.161.73.146 55569 (CRITEO-AS...)
10 15 103.43.90.178 29990 (ASN-APPNEX)
3 142.250.204.4 15169 (GOOGLE)
2 172.217.167.66 15169 (GOOGLE)
2 142.250.204.3 15169 (GOOGLE)
2 44.239.127.146 16509 (AMAZON-02)
3 172.217.167.78 15169 (GOOGLE)
3 142.251.221.78 15169 (GOOGLE)
6 23.215.59.10 16625 (AKAMAI-AS)
12 108.138.246.94 16509 (AMAZON-02)
2 2 35.214.162.241 15169 (GOOGLE)
3 25 104.18.39.155 13335 (CLOUDFLAR...)
4 5 13.228.126.19 16509 (AMAZON-02)
2 2 35.169.88.118 14618 (AMAZON-AES)
2 6 23.215.59.229 16625 (AKAMAI-AS)
4 4 209.191.163.152 14744 (INTERNAP-...)
1 2 23.55.38.48 20940 (AKAMAI-ASN1)
1 1 80.77.87.166 46636 (NATCOWEB)
3 4 23.106.127.38 59253 (LEASEWEB-...)
1 37.157.6.233 198622 (ADFORM)
1 7 18.139.97.117 16509 (AMAZON-02)
20 20 74.118.186.107 6336 (TURN-US-ASN)
9 9 50.116.239.135 6336 (TURN-US-ASN)
16 23.204.64.24 16625 (AKAMAI-AS)
2 67.199.150.87 62713 (AS-PUBMATIC)
1 8 69.175.41.2 32475 (SINGLEHOP...)
1 124.146.215.3 2514 (INFOSPHER...)
7 8 185.84.60.30 198622 (ADFORM)
4 7 67.199.150.81 3257 (GTT-BACKB...)
1 159.203.145.121 14061 (DIGITALOC...)
2 2 23.106.127.53 59253 (LEASEWEB-...)
2 35.213.109.249 15169 (GOOGLE)
4 142.251.221.66 15169 (GOOGLE)
2 4 104.18.24.173 13335 (CLOUDFLAR...)
1 1 150.95.47.242 7506 (INTERQ GM...)
1 23 207.65.33.82 62713 (AS-PUBMATIC)
1 1 18.138.18.111 16509 (AMAZON-02)
4 5 151.101.66.49 54113 (FASTLY)
5 7 54.158.55.205 14618 (AMAZON-AES)
1 1 35.186.154.107 15169 (GOOGLE)
1 1 172.104.45.159 63949 (AKAMAI-LI...)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
2 220.150.223.50 4686 (BEKKOAME ...)
2 35.75.96.169 16509 (AMAZON-02)
2 2 3.1.14.27 16509 (AMAZON-02)
1 195.5.165.20 44968 (IPROM-AS)
1 38.91.45.7 398989 (DEEPINTENT)
4 4 13.250.68.118 16509 (AMAZON-02)
4 6 34.111.113.62 396982 (GOOGLE-CL...)
2 3 54.179.248.176 16509 (AMAZON-02)
1 119.9.108.180 45187 (RACKSPACE...)
3 4 34.124.209.251 396982 (GOOGLE-CL...)
1 207.65.33.76 62713 (AS-PUBMATIC)
4 4 89.207.22.73 399104 (CNVR-APAC)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
2 172.217.167.106 15169 (GOOGLE)
4 4 98.98.134.241 21859 (ZEN-ECN)
1 1 69.173.151.100 26667 (RUBICONPR...)
5 9 209.54.182.161 16509 (AMAZON-02)
2 4 34.96.105.8 396982 (GOOGLE-CL...)
4 4 18.158.226.17 16509 (AMAZON-02)
1 1 54.219.222.185 16509 (AMAZON-02)
1 18.140.226.150 16509 (AMAZON-02)
1 23.77.149.36 16625 (AKAMAI-AS)
4 104.18.38.76 13335 (CLOUDFLAR...)
4 23.204.65.234 16625 (AKAMAI-AS)
1 1 13.35.147.91 16509 (AMAZON-02)
2 2 52.73.197.123 14618 (AMAZON-AES)
4 4 64.202.112.255 22075 (AS-OUTBRAIN)
2 2 23.202.168.221 16625 (AKAMAI-AS)
3 7 34.98.64.218 396982 (GOOGLE-CL...)
1 1 18.177.11.95 16509 (AMAZON-02)
3 6 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
10 10 54.248.182.252 16509 (AMAZON-02)
1 1 74.214.196.131 19189 (PULSEPOINT)
1 2 13.236.213.182 16509 (AMAZON-02)
2 3 67.220.224.144 16509 (AMAZON-02)
1 1 104.74.49.161 16625 (AKAMAI-AS)
2 2 198.8.71.131 54312 (ROCKETFUEL)
1 1 72.34.250.75 27630 (AS-XFERNET)
1 34.111.79.67 396982 (GOOGLE-CL...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 162.19.138.83 16276 (OVH)
2 216.239.32.3 15169 (GOOGLE)
2 67.199.150.85 3257 (GTT-BACKB...)
1 1 52.77.12.17 16509 (AMAZON-02)
471 112
1    3.210.100.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-100-196.compute-1.amazonaws.com
turtlediary.com
14    13.35.147.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-107.syd1.r.cloudfront.net
www.turtlediary.com
4    142.250.67.10 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f10.1e100.net
fonts.googleapis.com
1    142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net
www.googletagmanager.com
17    13.35.147.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-81.syd1.r.cloudfront.net
cdn.turtlediary.com
16    13.35.147.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-63.syd1.r.cloudfront.net
media.turtlediary.com
1    142.250.66.202 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f10.1e100.net
ajax.googleapis.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    44.205.53.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-53-163.compute-1.amazonaws.com
nodejs.turtlediary.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
7    104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)
a.pub.network
6    142.250.76.110 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f14.1e100.net
www.google-analytics.com
encrypted-tbn1.gstatic.com
4    172.217.167.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f3.1e100.net
fonts.gstatic.com
3    34.160.63.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.63.160.34.bc.googleusercontent.com
fronttoad.com
13    34.160.152.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
3    18.67.111.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-113.syd62.r.cloudfront.net
sb.scorecardresearch.com
4    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
2    172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
8    142.250.66.226 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net
securepubads.g.doubleclick.net
1    104.26.9.50 (None, )

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    104.26.7.139 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    104.22.53.173 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
4    104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    18.244.214.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-125.sfo53.r.cloudfront.net
static.adsafeprotected.com
3    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    142.250.204.6 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f6.1e100.net
ad.doubleclick.net
s0.2mdn.net
2    34.160.128.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.128.160.34.bc.googleusercontent.com
api.floors.dev
2    18.67.111.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-81.syd62.r.cloudfront.net
api.intentiq.com
24    13.35.147.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-78.syd1.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
5    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
29    52.84.251.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-19.sin5.r.cloudfront.net
live.primis.tech
rtb.primis.tech
6    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    13.35.147.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-111.syd1.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    151.101.193.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    13.251.250.53 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-250-53.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
10    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    54.251.110.142 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-110-142.ap-southeast-1.compute.amazonaws.com
btlr.sharethrough.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
22    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
u.openx.net
freestar-d.openx.net
eu-u.openx.net
2    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.35.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-69.syd1.r.cloudfront.net
cr-p3.ladsp.com
36    172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net
cm.g.doubleclick.net
1    13.35.147.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-15.syd1.r.cloudfront.net
rules.quantcount.com
11    142.250.76.98 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
pagead2.googlesyndication.com
18    142.251.221.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net
68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
tpc.googlesyndication.com
18    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    13.35.151.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-151-131.syd1.r.cloudfront.net
c.amazon-adsystem.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    54.169.195.178 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-195-178.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
13    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
4    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
3    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
15    103.43.90.178 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    142.250.204.4 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net
www.google.com
2    172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net
www.googletagservices.com
2    142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net
www.gstatic.com
2    44.239.127.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-127-146.us-west-2.compute.amazonaws.com
protected-by.clarium.io
3    172.217.167.78 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f14.1e100.net
encrypted-tbn2.gstatic.com
3    142.251.221.78 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net
encrypted-tbn0.gstatic.com
6    23.215.59.10 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-59-10.deploy.static.akamaitechnologies.com
ads.pubmatic.com
12    108.138.246.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-246-94.sfo5.r.cloudfront.net
video.primis.tech
2    35.214.162.241 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 241.162.214.35.bc.googleusercontent.com
csync.loopme.me
25    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
5    13.228.126.19 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.169.88.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-88-118.compute-1.amazonaws.com
mb9eo.publishers.tremorhub.com
6    23.215.59.229 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-59-229.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
c21lg-d.media.net
4    209.191.163.152 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
2    23.55.38.48 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-38-48.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
4    23.106.127.38 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
rtb-csync.smartadserver.com
sync.smartadserver.com
1    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
7    18.139.97.117 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-97-117.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
20    74.118.186.107 (Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
9    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
16    23.204.64.24 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-64-24.deploy.static.akamaitechnologies.com
contextual.media.net
2    67.199.150.87 (Singapore)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    69.175.41.2 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
ce.lijit.com
1    124.146.215.3 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
gdn.socdm.com
8    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    67.199.150.81 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
2    23.106.127.53 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
2    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
4    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
www.googleadservices.com
4    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    150.95.47.242 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
23    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    18.138.18.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
5    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
7    54.158.55.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-55-205.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.186.154.107 (Singapore)

ASN15169 (GOOGLE, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    172.104.45.159 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1625-159.members.linode.com
gocm.c.appier.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
2    35.75.96.169 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-96-169.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    3.1.14.27 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-14-27.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    13.250.68.118 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-68-118.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
i.w55c.net
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    54.179.248.176 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-248-176.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
1    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
4    34.124.209.251 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
1    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
4    89.207.22.73 (Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin01-nessy-float1.dotomi.com
pubmatic-match.dotomi.com
medianet-match.dotomi.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    172.217.167.106 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f10.1e100.net
imasdk.googleapis.com
4    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
9    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    18.158.226.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-226-17.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    54.219.222.185 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-222-185.us-west-1.compute.amazonaws.com
aorta.clickagy.com
1    18.140.226.150 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-226-150.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    23.77.149.36 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-149-36.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
4    23.204.65.234 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-65-234.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    13.35.147.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-91.syd1.r.cloudfront.net
s.ad.smaato.net
2    52.73.197.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-197-123.compute-1.amazonaws.com
sync.ipredictive.com
4    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    23.202.168.221 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-168-221.deploy.static.akamaitechnologies.com
stags.bluekai.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
u.openx.net
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
6    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
10    54.248.182.252 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-182-252.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    13.236.213.182 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-236-213-182.ap-southeast-2.compute.amazonaws.com
dpm.demdex.net
3    67.220.224.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.74.49.161 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-49-161.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    72.34.250.75 (Beaumont, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com
odr.mookie1.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    216.239.32.3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    67.199.150.85 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
1    52.77.12.17 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-12-17.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
Apex Domain
Subdomains		 Transfer
54 turtlediary.com
turtlediary.com — Cisco Umbrella Rank: 162412
www.turtlediary.com — Cisco Umbrella Rank: 276368
cdn.turtlediary.com — Cisco Umbrella Rank: 347904
media.turtlediary.com — Cisco Umbrella Rank: 322500
nodejs.turtlediary.com — Cisco Umbrella Rank: 184886
845 KB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
ad.doubleclick.net — Cisco Umbrella Rank: 165
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
222 KB
41 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 568
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 913
image2.pubmatic.com — Cisco Umbrella Rank: 1113
simage2.pubmatic.com — Cisco Umbrella Rank: 953
image4.pubmatic.com — Cisco Umbrella Rank: 1278
simage4.pubmatic.com — Cisco Umbrella Rank: 1350
60 KB
41 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2096
video.primis.tech — Cisco Umbrella Rank: 6430
rtb.primis.tech — Cisco Umbrella Rank: 6199
5 MB
29 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 152
285 KB
28 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 402
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1205
eus.rubiconproject.com — Cisco Umbrella Rank: 669
token.rubiconproject.com — Cisco Umbrella Rank: 657
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1174
39 KB
26 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1493
sync.intentiq.com — Cisco Umbrella Rank: 1105
sync1.intentiq.com — Cisco Umbrella Rank: 2728
26 KB
25 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 500
htlb.casalemedia.com — Cisco Umbrella Rank: 550
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 658
18 KB
23 media.net
prebid.media.net — Cisco Umbrella Rank: 1455
cs.media.net — Cisco Umbrella Rank: 1657
contextual.media.net — Cisco Umbrella Rank: 719
hbx.media.net — Cisco Umbrella Rank: 1231
c21lg-d.media.net — Cisco Umbrella Rank: 2698
42 KB
20 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1430
rtb.openx.net — Cisco Umbrella Rank: 870
google-bidout-d.openx.net — Cisco Umbrella Rank: 1435
us-u.openx.net — Cisco Umbrella Rank: 532
jp-u.openx.net — Cisco Umbrella Rank: 12041
u.openx.net — Cisco Umbrella Rank: 726
freestar-d.openx.net — Cisco Umbrella Rank: 14904
eu-u.openx.net — Cisco Umbrella Rank: 3026
4 KB
20 pub.network
a.pub.network — Cisco Umbrella Rank: 4955
d.pub.network — Cisco Umbrella Rank: 5192
c.pub.network — Cisco Umbrella Rank: 4912
393 KB
18 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 433
9 KB
17 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
csi.gstatic.com
321 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 268 Failed
secure.adnxs.com — Cisco Umbrella Rank: 519
acdn.adnxs.com — Cisco Umbrella Rank: 649
29 KB
14 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 630
9 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 337
s.amazon-adsystem.com — Cisco Umbrella Rank: 330
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1065
72 KB
13 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
5 KB
12 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 728
ce.lijit.com — Cisco Umbrella Rank: 1084
12 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 406
data.adsrvr.org — Cisco Umbrella Rank: 6310
7 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 478
ups.analytics.yahoo.com — Cisco Umbrella Rank: 349
5 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 628
5 KB
10 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1166
match.sharethrough.com — Cisco Umbrella Rank: 613
6 KB
10 t13.io
s2s.t13.io — Cisco Umbrella Rank: 5041
11 KB
9 turn.com
ad.turn.com — Cisco Umbrella Rank: 1045
4 KB
9 adform.net
cm.adform.net — Cisco Umbrella Rank: 1283
c1.adform.net — Cisco Umbrella Rank: 670
6 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
dis.criteo.com — Cisco Umbrella Rank: 641
9 KB
7 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 888
3 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
ajax.googleapis.com — Cisco Umbrella Rank: 419
imasdk.googleapis.com — Cisco Umbrella Rank: 501
389 KB
6 rlcdn.com
api.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 440
id.rlcdn.com — Cisco Umbrella Rank: 929
1 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 522
1 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1332
3 KB
6 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1787
ssbsync.smartadserver.com — Cisco Umbrella Rank: 924
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 767
sync.smartadserver.com — Cisco Umbrella Rank: 1460
2 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1343
pixel.quantserve.com — Cisco Umbrella Rank: 1130
cms.quantserve.com — Cisco Umbrella Rank: 928
11 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 876
1 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 946
bcp.crwdcntrl.net — Cisco Umbrella Rank: 963
sync.crwdcntrl.net — Cisco Umbrella Rank: 971
14 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 604
3 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 749
cdn.indexww.com — Cisco Umbrella Rank: 1773
3 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1190
3 KB
4 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2251
526 B
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 873
2 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4301
medianet-match.dotomi.com — Cisco Umbrella Rank: 11852
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 943
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1071
i.w55c.net — Cisco Umbrella Rank: 2564
3 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 980
s.tribalfusion.com — Cisco Umbrella Rank: 2310
2 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 151
4 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2754
2 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 887
id5-sync.com — Cisco Umbrella Rank: 427
33 KB
4 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1972
384 B
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1098
api.btloader.com — Cisco Umbrella Rank: 1156
83 KB
4 optimise.net
optimise.net — Cisco Umbrella Rank: 6197
3 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 410
1 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1227
gdn.socdm.com — Cisco Umbrella Rank: 84753
3 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
3 KB
3 fronttoad.com
fronttoad.com — Cisco Umbrella Rank: 29624
25 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 44
21 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 248
31 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1015
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 899
883 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 647
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1100
987 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1602
1 KB
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 17387
75 B
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 8027
486 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6126
674 B
2 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 6382
436 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 582
1 KB
2 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 7161
721 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1104
483 B
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1566
487 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
114 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 20680
1 KB
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 7804
2 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1169
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1463
110 KB
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 753
554 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1086
406 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1101
359 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1777
424 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1376
213 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1109
744 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 620
955 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5143
392 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 25728
549 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 331
16 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 885
466 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1465
181 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2452
429 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4482
463 B
1 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1314
220 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1163
44 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6492
281 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1649
554 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2674
434 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3372
652 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 22225
652 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 11286
398 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 5200
134 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1147
668 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 273
690 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1253
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 660
14 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 364
901 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1583
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1597
8 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 635
483 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2106
10 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6115
447 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 918
30 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
93 KB
0 nex8.net Failed
cs.nex8.net Failed
471 112
Domain Requested by
36 cm.g.doubleclick.net 20 redirects google-bidout-d.openx.net
eb2.3lift.com
68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
ce.lijit.com
28 live.primis.tech 16 redirects a.pub.network
live.primis.tech
23 sync.intentiq.com 9 redirects live.primis.tech
ads.pubmatic.com
18 eb2.3lift.com 5 redirects a.pub.network
eb2.3lift.com
17 cdn.turtlediary.com www.turtlediary.com
16 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
16 contextual.media.net ce.lijit.com
a.pub.network
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
16 pixel.rubiconproject.com 9 redirects eus.rubiconproject.com
16 media.turtlediary.com www.turtlediary.com
15 simage2.pubmatic.com ads.pubmatic.com
15 tpc.googlesyndication.com 2 redirects securepubads.g.doubleclick.net
68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
tpc.googlesyndication.com
14 sync.1rx.io 14 redirects
14 www.turtlediary.com www.turtlediary.com
13 x.bidswitch.net 6 redirects eb2.3lift.com
ads.pubmatic.com
eus.rubiconproject.com
12 video.primis.tech live.primis.tech
12 c.pub.network a.pub.network
11 pagead2.googlesyndication.com securepubads.g.doubleclick.net
68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.turtlediary.com
www.googletagservices.com
imasdk.googleapis.com
11 ib.adnxs.com a.pub.network
eb2.3lift.com
acdn.adnxs.com
eus.rubiconproject.com
11 match.adsrvr.org 9 redirects a.pub.network
live.primis.tech
10 match.prod.bidr.io 10 redirects
10 s2s.t13.io a.pub.network
eb2.3lift.com
ce.lijit.com
ssum-sec.casalemedia.com
ads.pubmatic.com
9 s.amazon-adsystem.com 5 redirects ce.lijit.com
ssum-sec.casalemedia.com
eb2.3lift.com
9 ad.turn.com 9 redirects
8 image2.pubmatic.com 1 redirects ads.pubmatic.com
8 c1.adform.net 7 redirects ads.pubmatic.com
8 ce.lijit.com 1 redirects a.pub.network
ce.lijit.com
8 ssum-sec.casalemedia.com 2 redirects a.pub.network
ssum-sec.casalemedia.com
js-sec.indexww.com
8 securepubads.g.doubleclick.net 2 redirects a.pub.network
securepubads.g.doubleclick.net
imasdk.googleapis.com
7 sync.srv.stackadapt.com 5 redirects eb2.3lift.com
7 image6.pubmatic.com 4 redirects ads.pubmatic.com
7 match.sharethrough.com 1 redirects
7 us-u.openx.net 2 redirects google-bidout-d.openx.net
freestar-d.openx.net
7 a.pub.network www.turtlediary.com
a.pub.network
6 token.rubiconproject.com 6 redirects
6 pixel.tapad.com 4 redirects ads.pubmatic.com
eus.rubiconproject.com
6 sync.targeting.unrulymedia.com 6 redirects
6 ads.pubmatic.com live.primis.tech
ads.pubmatic.com
a.pub.network
contextual.media.net
6 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
freestar-d.openx.net
6 nodejs.turtlediary.com www.turtlediary.com
nodejs.turtlediary.com
5 idsync.rlcdn.com 3 redirects
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 ups.analytics.yahoo.com 4 redirects eus.rubiconproject.com
5 gum.criteo.com a.pub.network
static.criteo.net
gum.criteo.com
contextual.media.net
4 b1sync.zemanta.com 4 redirects
4 eus.rubiconproject.com a.pub.network
eus.rubiconproject.com
contextual.media.net
4 rtb.mfadsrvr.com 4 redirects
4 tr.blismedia.com 2 redirects ce.lijit.com
freestar-d.openx.net
4 pixel-sync.sitescout.com 4 redirects
4 secure.adnxs.com 4 redirects
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 www.googleadservices.com
4 ap.lijit.com 4 redirects
4 a.sportradarserving.com 4 redirects
4 id.hadron.ad.gt cdn.hadronid.net
a.pub.network
4 optimise.net a.pub.network
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com www.turtlediary.com
68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
live.primis.tech
3 aax-eu.amazon-adsystem.com 2 redirects
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 pm.w55c.net 3 redirects
3 cms.quantserve.com 3 redirects
3 cs.media.net 2 redirects contextual.media.net
3 encrypted-tbn0.gstatic.com 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
3 encrypted-tbn2.gstatic.com 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
3 encrypted-tbn1.gstatic.com 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
3 www.google.com 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 dis.criteo.com 3 redirects
3 px.ads.linkedin.com 1 redirects eb2.3lift.com
3 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
3 jp-u.openx.net google-bidout-d.openx.net
freestar-d.openx.net
3 id5-sync.com cdn.id5-sync.com
live.primis.tech
3 btlr.sharethrough.com a.pub.network
live.primis.tech
3 rtb.openx.net 1 redirects a.pub.network
freestar-d.openx.net
3 api.btloader.com freestar-io.videoplayerhub.com
3 sb.scorecardresearch.com 1 redirects a.pub.network
www.turtlediary.com
3 fronttoad.com a.pub.network
fronttoad.com
3 www.google-analytics.com www.turtlediary.com
www.google-analytics.com
www.googletagmanager.com
3 cdnjs.cloudflare.com www.turtlediary.com
2 sync.smartadserver.com 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 csi.gstatic.com imasdk.googleapis.com
2 c21lg-d.media.net contextual.media.net
2 medianet-match.dotomi.com 2 redirects
2 p.rfihub.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 pippio.com 2 redirects
2 stags.bluekai.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 js-sec.indexww.com a.pub.network
live.primis.tech
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 pubmatic-match.dotomi.com 2 redirects
2 cm.adgrx.com 2 redirects
2 dps.jp.cinarra.com ads.pubmatic.com
freestar-d.openx.net
2 sync-dsp.ad-m.asia ads.pubmatic.com
freestar-d.openx.net
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 y.one.impact-ad.jp 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
2 ssbsync.smartadserver.com 2 redirects
2 hbopenbid.pubmatic.com live.primis.tech
2 ads.stickyadstv.com 1 redirects live.primis.tech
ssum-sec.casalemedia.com
2 mb9eo.publishers.tremorhub.com 2 redirects
2 csync.loopme.me 2 redirects
2 u.openx.net 2 redirects
2 protected-by.clarium.io 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
2 www.gstatic.com 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
2 www.googletagservices.com 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
2 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
2 pixel.quantserve.com
2 cr-p3.ladsp.com 2 redirects
2 tg.socdm.com 2 redirects
2 oajs.openx.net 1 redirects
2 api.intentiq.com a.pub.network
live.primis.tech
2 api.floors.dev a.pub.network
2 ad-delivery.net www.turtlediary.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
1 ads.yieldmo.com 1 redirects
1 lb.eu-1-id5-sync.com live.primis.tech
1 trace.mediago.io 1 redirects
1 s.company-target.com 1 redirects
1 id.rlcdn.com contextual.media.net
1 odr.mookie1.com contextual.media.net
1 sync.go.sonobi.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 hbx.media.net contextual.media.net
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 bk.r-ad.ne.jp 1 redirects
1 eu-u.openx.net 1 redirects
1 i.w55c.net 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 s.ad.smaato.net 1 redirects
1 acdn.adnxs.com a.pub.network
1 freestar-d.openx.net a.pub.network
1 d.adroll.com ssum-sec.casalemedia.com
1 aorta.clickagy.com 1 redirects
1 data.adsrvr.org 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 ads.playground.xyz 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 uipglob.semasio.net ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 cs.chocolateplatform.com 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
1 gdn.socdm.com
1 rtb.primis.tech live.primis.tech
1 htlb.casalemedia.com live.primis.tech
1 cm.adform.net
1 ssbsync-global.smartadserver.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 c.bing.com eb2.3lift.com
1 rules.quantcount.com secure.quantserve.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 prebid.media.net a.pub.network
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 secure.quantserve.com a.pub.network
1 sync1.intentiq.com
1 ad.doubleclick.net www.turtlediary.com
1 static.adsafeprotected.com www.turtlediary.com
1 cdn.hadronid.net www.turtlediary.com
1 btloader.com www.turtlediary.com
1 freestar-io.videoplayerhub.com 1 redirects
1 d.pub.network a.pub.network
1 code.jquery.com www.turtlediary.com
1 ajax.googleapis.com www.turtlediary.com
1 www.googletagmanager.com www.turtlediary.com
1 turtlediary.com 1 redirects
0 api.rlcdn.com Failed live.primis.tech
0 cs.nex8.net Failed freestar-d.openx.net
471 182
Subject Issuer Validity Valid
*.turtlediary.com
Amazon RSA 2048 M02		 2022-11-22 -
2023-12-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
fronttoad.com
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
d.pub.network
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
optimise.net
GTS CA 1D4		 2023-07-24 -
2023-10-22		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
hadronid.net
GTS CA 1P5		 2023-08-07 -
2023-11-05		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
api.floors.dev
GTS CA 1D4		 2023-07-19 -
2023-10-17		 3 months crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
c.pub.network
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2022-10-24 -
2023-11-22		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
s2s.t13.io
GTS CA 1D4		 2023-07-16 -
2023-10-14		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-02-03 -
2023-11-21		 10 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2023-04-03 -
2024-04-02		 a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2023-03-14 -
2024-03-14		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-09-07 -
2023-12-06		 3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2023-09-09 -
2024-10-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh

This page contains 64 frames:

Primary Page: https://www.turtlediary.com/
Frame ID: 97C2A16BD3EDB4E51D0CBF2BA1FAA1F7
Requests: 158 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 43B8D1BCE2BB68F9E124CF001F1B1592
Requests: 6 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1694656110&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1694656110&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 73E2A730C44BCD5E2DE7412B7C572E63
Requests: 46 HTTP requests in this frame

Frame: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D9C81F68E6EB0C733D1306276C5D95D9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.turtlediary.com
Frame ID: 33F6A0364BE51DA77741399B464AF190
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 11F130C9AA14076DDDBA65A8462A8462
Requests: 12 HTTP requests in this frame

Frame: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B1BF3A25C169A4AB2EC0DF26842E081B
Requests: 21 HTTP requests in this frame

Frame: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 82EC72964525972538D91C6155B6F01A
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 408AFA08B41CDACE83D486111D169165
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1F8E4171383338A0363701B30FB132CD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD53DAF97050BD69FB9F1E1CB7C5CD30
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6D526723188697885739708EF4295F72
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Frame ID: DA86EDCD4751431F02C65EED0CEDCE04
Requests: 21 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=f09c8ce3-052b-4271-afd7-c9569f505d53
Frame ID: FBDD374E413E80B71724158D1BB8129A
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Frame ID: 67D101966C1F0616977815DF02ADEE70
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: 965C6E74E3E86B26089099CFF93B90B3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: D3A85782E828A234F190D84E93B7E076
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C91bGgveXU4Q3VkbDopGGA7RWhwQ2lwaW96lXASA
Frame ID: EA03EE1438B8539A9E7ABA0E0A5E3D20
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4379871299077307740&gdpr=0&gdpr_consent=
Frame ID: 79FA3E750D2101DE89FB1E1EDC9A13C3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11kne88azrjt
Frame ID: 37718BA82190C7846FD2BD49ABB169B5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 2518C23B86BD8DFFE4CE257233C13ECD
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQJmcQAM9T8cEAA4
Frame ID: 17FC1FC3D42326F3FCCD9C47798CCCB0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Frame ID: 1AEF598017B5F965A9993B075805E812
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=zds0bu1aqbzg
Frame ID: D7512922D18736A98B1ADDC682A11044
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=c_-cTYnxAzadpf14cWYCZQ
Frame ID: DB4C5F02A75F01759D7CB91C857C8299
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: A81C255F05AB76C621068B421C2D06D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=d31b7a23f29a4eeab6a79cd421f336fe
Frame ID: B98377FA452FD9C2F5B1CE0A932EBE08
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU489c8cb04f91409dbb7572840d533805
Frame ID: 0EF38C909A77545197486111B734C58D
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: E2BE3423C56E1C75FC9D4DB5D5CDEB83
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Frame ID: A65DE1570FA42DAA5FB9D9DA7CF31401
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d059c4b0-52a0-11ee-9e0c-a3ac6c916c1d
Frame ID: FD718879A6DB2DCDD91E253A61608584
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 08C270C88C9D03D668270BFC470F8E59
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: F1861C0D4B856D64FD8733902EB002B9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 111950A7D2AC63FFE2B0A45B0B59B9F5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 6D8972469BBE8A1315DBBF83244B4A3C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pxhedKI41QGBt75&gdpr=0&gdpr_consent=
Frame ID: 38167606C504C50BEF591A2B9748B278
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Frame ID: B6295DB583AC2240A6780DB79A9F21B9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: E7BC9D650535CE8CDF9043AF23065297
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 8E6EB7EC4D56CA0F4708189BA5825E6E
Requests: 16 HTTP requests in this frame

Frame: https://freestar-d.openx.net/w/1.0/pd
Frame ID: F523362FE3B252090FC8187DCCCE5558
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Frame ID: ED1DBBFB63E429331297538C8B46411B
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 7286667BEC348FF873E0E653B59A70A8
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7BF38240EE2E9909790AB4AF2C176A46
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 372F6D3AB6BFC2469DCC2B1E60FC5541
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D53A42D824BFDE8EB015033053F3E319
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Frame ID: 1BEC2D555BE339D0A48ED2CB3D937EFA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 09A0091688103C60842C711A5824E036
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2FB216B202B9D0EED2D1CCF6A3E7FD4D
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 779DF2B0A81A01B83EB4C06148C06FC1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 693901767C6C78AAF253D29EC1A77689
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 927394FBEA528A4CC7364C65F6E89EAD
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: E60D0DE663072F2FA28F03CBA473F842
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3376577122889957000V10&type=rkt&refUrl=&vid=46561142953376577122889957000V10&ovsid=2018245966358085774
Frame ID: 10763200316006E4E15C5671E7B55027
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dpba%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3DPM_UID
Frame ID: FE00B5F5EA8B0FA74CD6457C50A370B3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 88AB5BAD329FEF2EDD4DC6DAB4288DF1
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&gdpr=0&gdpr_consent=
Frame ID: 76EFE21A3542A6601409B2C9CB607169
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245966358085774
Frame ID: 72598120E7E8A43417A2BD129E0166E1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Frame ID: 94E18A2119ADCA8D77FE9324E925226D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:62585BD686A14631B68DFA0C90655AFC&gdpr=0&gdpr_consent=
Frame ID: 874FCB711FFED053C5924B59495DFAED
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=793790479;1486637409;1868283820;259151345&rnd=1264497559&pcid=[sas_uid]&cklb=1
Frame ID: C2856A25696AEB3FD79EDDA401526200
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=pba&refUrl=&vid=46561142953376577122889957000V10&ovsid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Frame ID: 70A05B60E5A008A73942ABF6B97C591D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=pba&refUrl=&vid=46561142953376577122889957000V10&ovsid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Frame ID: BE4D029FAB5FDFB0D01BE9F71946E147
Requests: 1 HTTP requests in this frame

Frame: https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Frame ID: 3B74A322E45E76CB23D34AAD72FC3581
Requests: 1 HTTP requests in this frame

Frame: https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Frame ID: 2D4FD6CBD4B6C68589A5362482AF40F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Educational Games | Educational Games For Kids | Turtle Diary

Page URL History Show full URLs

  1. http://turtlediary.com/ HTTP 301
    https://www.turtlediary.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

471
Requests

69 %
HTTPS

0 %
IPv6

112
Domains

182
Subdomains

112
IPs

12
Countries

8003 kB
Transfer

13913 kB
Size

220
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://turtlediary.com/ HTTP 301
    https://www.turtlediary.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1694656108337&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1694656108337&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&c9=
Request Chain 65
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 94
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=575033&iiqidtype=2&iiqpcid=6fc69c00-6767-458d-aac5-e9447f440adb&iiqpciddate=1694656109791&tsrnd=872_1694656109793&vrref=www.turtlediary.com&jsver=5.4&abtp=95&abtg=A HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=575033&iiqidtype=2&iiqpcid=6fc69c00-6767-458d-aac5-e9447f440adb&iiqpciddate=1694656109791&tsrnd=872_1694656109793&vrref=www.turtlediary.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=KfWH3GGccn&nc=false&trid=1444694933
Request Chain 110
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp&cc=1
Request Chain 119
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LMIIHS1V-P-5LTY
Request Chain 125
  • https://match.adsrvr.org/track/cmf/openx?oxid=07396a53-496d-7a82-ebb2-5f7573181e46&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&ttd_puid=07396a53-496d-7a82-ebb2-5f7573181e46&gdpr=0&gdpr_consent=
Request Chain 126
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZQJmbsCo5tIAAE9FkucAAAAA
Request Chain 127
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXuG-hSdcGQIks8AD7P3vJTfyM8AAAGKkWAgrQ
Request Chain 128
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmI1NmI5OTktODAxYS0yNDI2LWZlNTItMDVjY2I5ZmFkMDI2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmI1NmI5OTktODAxYS0yNDI2LWZlNTItMDVjY2I5ZmFkMDI2&google_tc=
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOydiHD4q6wssFjqOzDgzjE&google_cver=1
Request Chain 145
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 155
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 156
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUwNDk5NjMyOTAyMzc1OTg3Nzc3Mw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELMrMuDBgwepubREVI32Wv8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 158
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUwNDk5NjMyOTAyMzc1OTg3Nzc3Mw%3D%3D
Request Chain 160
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4504996329023759877773?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-EtxoY25E2oQ7NFWgMcko_eAiPCD3JnyrWJL6WcB6Fw--~A&dongle=0883
Request Chain 162
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4504996329023759877773&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4504996329023759877773&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0bc62ef8-a900-415e-a8df-5e231d2f7482&ssp=triplelift
Request Chain 163
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=5ad7e647-26b3-46c1-a65b-3b39a5531475&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 164
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4379871299077307740&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 182
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF HTTP 301
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
Request Chain 198
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF HTTP 301
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
Request Chain 201
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=f09c8ce3-052b-4271-afd7-c9569f505d53 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=f09c8ce3-052b-4271-afd7-c9569f505d53
Request Chain 206
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=bdc66407-e883-4535-97dc-d865405e8882&google_hm=YmRjNjY0MDctZTg4My00NTM1LTk3ZGMtZDg2NTQwNWU4ODgy HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAfb7yxfX6TX1E1J-M867YA&google_cver=1&ssp=sekindo&bsw_param=bdc66407-e883-4535-97dc-d865405e8882
Request Chain 207
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=81c2e6a4-6474-4c10-b9f7-e669dfb399c8&gdpr_consent=null&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=81c2e6a4-6474-4c10-b9f7-e669dfb399c8
Request Chain 208
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
Request Chain 209
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=4504996329023759877773 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4504996329023759877773
Request Chain 210
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LMIIHS1V-P-5LTY&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LMIIHS1V-P-5LTY
Request Chain 211
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-O5FAI0BE2uLq7H4ommnYZ6Hr1nV2KSoG~A HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-O5FAI0BE2uLq7H4ommnYZ6Hr1nV2KSoG~A
Request Chain 212
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=a8b0d85a9b1d48b49f2468953e3b288a HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=a8b0d85a9b1d48b49f2468953e3b288a
Request Chain 213
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=6502666e9c9d4&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3376577122889928000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3376577122889928000V10
Request Chain 214
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=HUTsBLZHuXYnUuN8S9Kij-V2 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=HUTsBLZHuXYnUuN8S9Kij-V2
Request Chain 215
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=955bc8a079b783cf6a797de4fe918d9&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=955bc8a079b783cf6a797de4fe918d9
Request Chain 216
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=be774091-b410-4eaa-80eb-9bdfc43634f3 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=be774091-b410-4eaa-80eb-9bdfc43634f3 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D793790479%26rnd%3D334439161&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=793790479&rnd=334439161&pcid=4379871299077307740 HTTP 302
  • https://x.bidswitch.net/sync?ssp=sekindo&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1267919208%26mi%3D10%26csh%3D793790479%3B1709765917%26rnd%3D1625302154%26pcid%3D
Request Chain 217
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=6079336950252530809 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=6079336950252530809
Request Chain 219
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=d92a179a-512b-4bde-a7d3-e5517625d63a&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=d92a179a-512b-4bde-a7d3-e5517625d63a
Request Chain 220
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1694656113350 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2588870053 HTTP 302
  • https://sync.1rx.io/usersync/turn/6998026306101315327?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dr1%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3DRX-733db2ff-9718-4cc6-97df-a1f9e154259a-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Request Chain 236
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 301
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Request Chain 241
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESECQymVW2XmS2OdePGddzpLs&google_cver=1&google_push=AXcoOmTEKcndpmmKHFlKdGrtn59Ri6nmJhSFP6bNmO30ZWvlL-0p7o6qwFSGRXqQQNrpB4JU84Tza8g4svbHR5WMncOOz6wPFrDUTZp133VhhmglJL9YNYZw16r9shQI2brQ2E605WsuqjD37_mcFwAQA5s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlFKbWNNQ281dElBQUU5Rmt4d0FBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESECQymVW2XmS2OdePGddzpLs&google_cver=1
Request Chain 242
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHd2lr02Ju0XLNU3Cy-79O4&google_cver=1&google_push=AXcoOmRv1JBOQgKK-mtz2gRVxQ_yo6VHqJ0IJDJSQgi1j5a2JJ9tlGNCbSUR6ybaIVpsc1nx0Omcw0QjXhX40c7uiA-e6uSbt9ZmveS56CmB7orXohoe3qatqMGuIf-tvG9pMUvxl_kxLVRugAuTpe_DPg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHd2lr02Ju0XLNU3Cy-79O4&google_cver=1&google_push=AXcoOmRv1JBOQgKK-mtz2gRVxQ_yo6VHqJ0IJDJSQgi1j5a2JJ9tlGNCbSUR6ybaIVpsc1nx0Omcw0QjXhX40c7uiA-e6uSbt9ZmveS56CmB7orXohoe3qatqMGuIf-tvG9pMUvxl_kxLVRugAuTpe_DPg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc2NTg2OTE2NzU1MTM5OTc2NQ&google_push=AXcoOmRv1JBOQgKK-mtz2gRVxQ_yo6VHqJ0IJDJSQgi1j5a2JJ9tlGNCbSUR6ybaIVpsc1nx0Omcw0QjXhX40c7uiA-e6uSbt9ZmveS56CmB7orXohoe3qatqMGuIf-tvG9pMUvxl_kxLVRugAuTpe_DPg
Request Chain 243
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHnFwq-cIUkX2EAnxIfDt4s&google_cver=1&google_push=AXcoOmRDQ9qmeciO1GXmVwlnzAUgNd3AMIfJq_DUBCWFBy4DHKwYoMLWV78JWQPTM4nB4HccegT4b5i6l9_heGF5bUUYzbkSWyHXJYS5ZOBltrHGCGKL5xa8fOKxht78BaU36WAQHoGgrN3gps58So87A-k HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHnFwq-cIUkX2EAnxIfDt4s&google_cver=1&google_push=AXcoOmRDQ9qmeciO1GXmVwlnzAUgNd3AMIfJq_DUBCWFBy4DHKwYoMLWV78JWQPTM4nB4HccegT4b5i6l9_heGF5bUUYzbkSWyHXJYS5ZOBltrHGCGKL5xa8fOKxht78BaU36WAQHoGgrN3gps58So87A-k&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRXgCOExQta_rC5JrF4oow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRDQ9qmeciO1GXmVwlnzAUgNd3AMIfJq_DUBCWFBy4DHKwYoMLWV78JWQPTM4nB4HccegT4b5i6l9_heGF5bUUYzbkSWyHXJYS5ZOBltrHGCGKL5xa8fOKxht78BaU36WAQHoGgrN3gps58So87A-k
Request Chain 244
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKnjZ9hU1Ft9hZ5WZY6i0es&google_cver=1&google_push=AXcoOmR4-6GT-ryhOkHxUfkSae-oPvmnunGKjb5CSA8OCB8BJJCkDHKSHNUozP1bwqQVlZMFCprd6OrlcfnILEfBf59aG6d5U6ZzOF7USbbfutCQl8TaZhfwjzstuWhuqbNecRfHwBJKbOsvLuZoe7NQlx4 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmR4-6GT-ryhOkHxUfkSae-oPvmnunGKjb5CSA8OCB8BJJCkDHKSHNUozP1bwqQVlZMFCprd6OrlcfnILEfBf59aG6d5U6ZzOF7USbbfutCQl8TaZhfwjzstuWhuqbNecRfHwBJKbOsvLuZoe7NQlx4&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1694656113351 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-df4ff2cd-aaff-4ce9-a554-f6fd7dfd62af-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmR4-6GT-ryhOkHxUfkSae-oPvmnunGKjb5CSA8OCB8BJJCkDHKSHNUozP1bwqQVlZMFCprd6OrlcfnILEfBf59aG6d5U6ZzOF7USbbfutCQl8TaZhfwjzstuWhuqbNecRfHwBJKbOsvLuZoe7NQlx4%26google_hm%3DBN9P8s2q_0zppVT2_X39Yq8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR4-6GT-ryhOkHxUfkSae-oPvmnunGKjb5CSA8OCB8BJJCkDHKSHNUozP1bwqQVlZMFCprd6OrlcfnILEfBf59aG6d5U6ZzOF7USbbfutCQl8TaZhfwjzstuWhuqbNecRfHwBJKbOsvLuZoe7NQlx4&google_hm=BN9P8s2q_0zppVT2_X39Yq8
Request Chain 246
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJQuNIR_CXRJoQE9truKhDM&google_cver=1&google_push=AXcoOmSLLjYk00nAbAa25cE8a1wjTr27HZRa-StLkQUdOihhohaJgsalcAhICOfV1jd1FPGFThZVTxTOMNSzKos8EsiUug0U67kZn91ZwPNxyYSJRLEZ5IRS2arsTCz9H25J78ctYun-UHI2nmurTu1CvlU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSLLjYk00nAbAa25cE8a1wjTr27HZRa-StLkQUdOihhohaJgsalcAhICOfV1jd1FPGFThZVTxTOMNSzKos8EsiUug0U67kZn91ZwPNxyYSJRLEZ5IRS2arsTCz9H25J78ctYun-UHI2nmurTu1CvlU&google_hm=MjY0NTMyMTQ1OTYyNTcxNjkwNQ%3D%3D
Request Chain 250
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CZmBLbmYCZdfRO4uT9fwPo5mtgA398Jn7cqqatu6EEvfn7eOVDhABINrXxTlgpdiTgJABoAGhwJjxKMgBCakC4jO8piF1gj7gAgCoAwHIA8sEqgSxAk_QJ1C64cNL9HJSpvpuDgNpv9N9aAMrcTpDziEeLH3KVhF5nPCtge3oVupf9bGb2-o9xaEyNowJFqV3qBHPJU2aEACxQI2RNkh5lTPAd82pzLUJUeY-MSTPFNiKzoTWHfY-s12HwLPELFm7onHzscKEcJq6qMYntye61kihY6NochHgTS-Mtz6Ybqxd5vg6VhOoh2wm_eT9h5bBq78pCJ8w2Nb3dWspUbJF0y5ts7A3C_l-S9o-rCz9W1nkHGWuGoYTDug0DorE9UCsTAxN5JC8-De5zDgTG0DLQ-U_Hd9cKTNtVlPk7LNYQK884Slzrr7s9708ctf6-jpjM9pjdJEo_1XdfYtpEDtP9azuefShXQuNEMkRMaxSGP-ZoUbUDNhDxcOPQQFtDPwU-YBajKgUwASRq8jYtQTgBAGIBer_vpxMkgUECAQYAZIFBAgFGASgBi6AB9yp5ZIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPvmFdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgmAAmh0dHBzOi8vd3d3LnRlbXUuY29tL2F1L2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9MTJ-ZW5-QVVEJmdvb2RzX2lkPTYwMTA5OTUxMjU2MDUxMCZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2Q5NTQ5MjAtMSZ0b3BpY19jbGFzc2lmeT0xMDmACgPICwHaDBEKCxCA3Y-p1JP9xPABEgIBA9gTC9AVAYAXAbIXHgocCAASFHB1Yi04MDYxOTQ2NDEzNTM3OTg0GLrIFw&sigh=HsFDwrPnh_o&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWPBgQ_9idcbexVRYjv5CQA9Tu5ljp8iRKClFqZzeWr7nq_v_psMhAgYj6WzWLYj55AOsM5PSH6RgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6307d4f6c7afd98b0000000000000000%22,%222%22:%220xc79384e225a96fce0000000000000000%22,%223%22:%220xf8a29f5bcaa578de0000000000000000%22,%224%22:%220xb489a1a5c36bf6b00000000000000000%22,%225%22:%220x1464f4dc0a2673b70000000000000000%22},%22debug_key%22:%225870337267465006450%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212095246875033749057%22}&andc=true
Request Chain 251
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJV9ae_1rDvne7NJRQ-DS4Q&google_cver=1&google_push=AXcoOmS7JEw4eFtD9GUUfO_rv4heFNBwZas8aTW13Hz2YsHs_gVI0ipScCrrO_nHL2TT0aHzkvY16ek_hSMoyLyZ6pGZrw23al82sdFl4GeI1_xp3pWBgGbFUYk9fBsJRFpD4qX_CTQrhuR0EtZRjQRgQKI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS7JEw4eFtD9GUUfO_rv4heFNBwZas8aTW13Hz2YsHs_gVI0ipScCrrO_nHL2TT0aHzkvY16ek_hSMoyLyZ6pGZrw23al82sdFl4GeI1_xp3pWBgGbFUYk9fBsJRFpD4qX_CTQrhuR0EtZRjQRgQKI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJV9ae_1rDvne7NJRQ-DS4Q&google_cver=1&google_push=AXcoOmS7JEw4eFtD9GUUfO_rv4heFNBwZas8aTW13Hz2YsHs_gVI0ipScCrrO_nHL2TT0aHzkvY16ek_hSMoyLyZ6pGZrw23al82sdFl4GeI1_xp3pWBgGbFUYk9fBsJRFpD4qX_CTQrhuR0EtZRjQRgQKI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS7JEw4eFtD9GUUfO_rv4heFNBwZas8aTW13Hz2YsHs_gVI0ipScCrrO_nHL2TT0aHzkvY16ek_hSMoyLyZ6pGZrw23al82sdFl4GeI1_xp3pWBgGbFUYk9fBsJRFpD4qX_CTQrhuR0EtZRjQRgQKI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 252
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECVSY5aBN_44hHtjNgLdWGM&google_cver=1&google_push=AXcoOmSjQqRSZ_uOrmbWhkyhdlOD0qod733lCbuj7W8lS69-dcxqvtXURM7miObIR7u6eHVMc_PIqL3lwI2TlH6hb4zhIMrGFUlQu0mi_ySFBQC7cCVhJsNeN4Lk0UTHxySt0eeUpLvNoM6VEUTKaI8PG9Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSjQqRSZ_uOrmbWhkyhdlOD0qod733lCbuj7W8lS69-dcxqvtXURM7miObIR7u6eHVMc_PIqL3lwI2TlH6hb4zhIMrGFUlQu0mi_ySFBQC7cCVhJsNeN4Lk0UTHxySt0eeUpLvNoM6VEUTKaI8PG9Q
Request Chain 253
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHd2lr02Ju0XLNU3Cy-79O4&google_cver=1&google_push=AXcoOmTw9ZJI8HPAVDUXOEatdnl_PRY7brsFOm9yjEo7tVRY6dCdie_6Cqna0RrIrm-jAMpSREgd4YnhgjO8yV8Iw3FoSznajycnhWlBVeoANM78N22pltLhBBiyxkZR6xytsq_5OA_q4YqZxMU1eDgbD7M HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHd2lr02Ju0XLNU3Cy-79O4&google_cver=1&google_push=AXcoOmTw9ZJI8HPAVDUXOEatdnl_PRY7brsFOm9yjEo7tVRY6dCdie_6Cqna0RrIrm-jAMpSREgd4YnhgjO8yV8Iw3FoSznajycnhWlBVeoANM78N22pltLhBBiyxkZR6xytsq_5OA_q4YqZxMU1eDgbD7M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTYzNjk4NDUzMTg3OTYxNTI0Mw&google_push=AXcoOmTw9ZJI8HPAVDUXOEatdnl_PRY7brsFOm9yjEo7tVRY6dCdie_6Cqna0RrIrm-jAMpSREgd4YnhgjO8yV8Iw3FoSznajycnhWlBVeoANM78N22pltLhBBiyxkZR6xytsq_5OA_q4YqZxMU1eDgbD7M
Request Chain 254
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHnFwq-cIUkX2EAnxIfDt4s&google_cver=1&google_push=AXcoOmSR2eN6J5iDK0DcwxTH-vYzB0TosblEQ9ZWpRSW6cuaXqBNjiyrlT6ZJvY0HUNyjKNuWlfP7W0Trr-zaV4vUL2haW9HGstDcBvhj2phzRS3ezNtHad4R7KAflSfASLsobHqra2kSW7EBrkPi9tOOw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHnFwq-cIUkX2EAnxIfDt4s&google_cver=1&google_push=AXcoOmSR2eN6J5iDK0DcwxTH-vYzB0TosblEQ9ZWpRSW6cuaXqBNjiyrlT6ZJvY0HUNyjKNuWlfP7W0Trr-zaV4vUL2haW9HGstDcBvhj2phzRS3ezNtHad4R7KAflSfASLsobHqra2kSW7EBrkPi9tOOw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRXgCOExQta_rC5JrF4oow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSR2eN6J5iDK0DcwxTH-vYzB0TosblEQ9ZWpRSW6cuaXqBNjiyrlT6ZJvY0HUNyjKNuWlfP7W0Trr-zaV4vUL2haW9HGstDcBvhj2phzRS3ezNtHad4R7KAflSfASLsobHqra2kSW7EBrkPi9tOOw
Request Chain 255
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEC64ao3Boxlre6rV2inbmQo&google_cver=1&google_push=AXcoOmT1LbKx16QnYtVEAygqROHTPMqbovMv6zLBlrcSPHjGQx6RG5KqXUKJuYoZhvox0Nhh6XJ7WZSoGlhDfCGh66I2_qjJcJi8d4EnyOFC7-KQs1tOhTuj0DpEpMMBbPPCGA7jYMWd8AFlsNNvnLo3c6E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmT1LbKx16QnYtVEAygqROHTPMqbovMv6zLBlrcSPHjGQx6RG5KqXUKJuYoZhvox0Nhh6XJ7WZSoGlhDfCGh66I2_qjJcJi8d4EnyOFC7-KQs1tOhTuj0DpEpMMBbPPCGA7jYMWd8AFlsNNvnLo3c6E
Request Chain 256
  • https://cs.media.net/cksync?type=g&google_gid=CAESEP4Qeza85NyJLlZhDKwFSUQ&google_cver=1&google_push=AXcoOmSp3Jm1VohWG5LLCcDWj59D4ZK8tZIM-MUBc04ITUpPxmKOBqQe1XQ9Lvr0aIqZky6JDN4_ttaR-is44Y7KGptmGi8Ev9PY6fdAXguPmsVoEkoZ5LboRjveUR3_VV_Qt8CEIpZmDuXI5kaIh7SKfw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3NjU3NzEyMjg4OTk1NzAwMFYxMA%3d%3d&mn_hm=MzM3NjU3NzEyMjg4OTk1NzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSp3Jm1VohWG5LLCcDWj59D4ZK8tZIM-MUBc04ITUpPxmKOBqQe1XQ9Lvr0aIqZky6JDN4_ttaR-is44Y7KGptmGi8Ev9PY6fdAXguPmsVoEkoZ5LboRjveUR3_VV_Qt8CEIpZmDuXI5kaIh7SKfw&gdpr=&gdpr_consent=
Request Chain 263
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CK5CBbmYCZdjRO4uT9fwPo5mtgA398Jn7cqqatu6EEvfn7eOVDhABINrXxTlgpdiTgJABoAGhwJjxKMgBCakC4jO8piF1gj7gAgCoAwHIA8sEqgS0Ak_QeqF7_idA3tGt9TuhJpNlQnNw7OjkGNlhqilTEwVdqB7XsZbI-ftHxFIKp-NJ_F6JJsrLXwYEL9c2K2XjuXNtAHaeyWp-7BBDjuJJHke_IMzGukgy1v_om5GUbhFvRu_qI4xql-FT55jF-mqPftDVPKrRgU5rRZOOdPTdlTotDs2vuM23fMbrQP0rO4q-PkYoEPYLipzPxtDbnHHRY27cJumRW1LqIHp7orivNg06_D0kYIcIoCJePVJ6JHaeJLrW3ZoBGyH59VT7e2AewjcdKOfu0_T_Kkk_2pUfVRjIrThvyju87FZOp8Y-c2z642nK0_mR3-bpWz8nGaeFqNkILJXcY4gwmugsn4A2ZQNIigV1KzaH9l6Iq65igZHDx3g2bRpgOycJWC5JkqkiX3pQANoSwASRq8jYtQTgBAGIBer_vpxMkgUECAQYAZIFBAgFGASgBi6AB9yp5ZIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEI7WEtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgmAAmh0dHBzOi8vd3d3LnRlbXUuY29tL2F1L2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9MTJ-ZW5-QVVEJmdvb2RzX2lkPTYwMTA5OTUxMjU2MDUxMCZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2Q5NTQ5MjAtMSZ0b3BpY19jbGFzc2lmeT0xMDmACgPICwHaDBAKChDA7oS2i5-ipFASAgED2BML0BUBgBcBshceChwIABIUcHViLTgwNjE5NDY0MTM1Mzc5ODQYusgX&sigh=dcq5BsFZwAc&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWPBgQ_9idcbexVRYjv5CQA9Tu5ljp8iRKClFqZzeWr7nq_v_psMhAgYj6WzWLYj55AOsM5PSH6RgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6307d4f6c7afd98b0000000000000000%22,%222%22:%220xc79384e225a96fce0000000000000000%22,%223%22:%220xf8a29f5bcaa578de0000000000000000%22,%224%22:%220xb489a1a5c36bf6b00000000000000000%22,%225%22:%220x1464f4dc0a2673b70000000000000000%22},%22debug_key%22:%228491682790207837887%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215037352645766079761%22}&andc=true
Request Chain 269
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C91bGgveXU4Q3VkbDopGGA7RWhwQ2lwaW96lXASA
Request Chain 270
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4379871299077307740&gdpr=0&gdpr_consent=
Request Chain 271
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11kne88azrjt
Request Chain 272
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 273
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQJmcQAM9T8cEAA4
Request Chain 274
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Request Chain 275
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=zds0bu1aqbzg
Request Chain 276
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=c_-cTYnxAzadpf14cWYCZQ
Request Chain 278
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=d31b7a23f29a4eeab6a79cd421f336fe
Request Chain 279
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU489c8cb04f91409dbb7572840d533805
Request Chain 282
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d059c4b0-52a0-11ee-9e0c-a3ac6c916c1d
Request Chain 283
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 285
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 287
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pxhedKI41QGBt75&gdpr=0&gdpr_consent=
Request Chain 288
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRXgCOExQta_rC5JrF4oow%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 290
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B115E008-E131-42D6-BFAC-2E49AC5E28A3 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=B115E008-E131-42D6-BFAC-2E49AC5E28A3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0bf384ec-3e55-4143-b8a3-c95771ca98f2%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&ttd_puid=0bf384ec-3e55-4143-b8a3-c95771ca98f2%2C%2C
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjExNUUwMDgtRTEzMS00MkQ2LUJGQUMtMkU0OUFDNUUyOEEz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENwh-2kP4iZ4oWEpEPEjPVw&google_cver=1
Request Chain 297
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
Request Chain 298
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.4S1U4NE2uVASKNzg8OLMI4yExvbe7I-~A&gdpr=0
Request Chain 299
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0bc62ef8-a900-415e-a8df-5e231d2f7482&ssp=pubmatic
Request Chain 300
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8910062125720193014
Request Chain 301
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3827492168432486143&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=45bd8a72477e253a&is_secure=true&networkId=17100&version=1&nuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMJ34GzC_34QMjSScsAAAAAAA&expiration=1694742514&nuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 303
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4379871299077307740
Request Chain 307
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553&gdpr=0&gdpr_consent=
Request Chain 308
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LMIIHS1V-P-5LTY&gdpr=0
Request Chain 309
  • https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 310
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SFVUc1JUWkh6UlRaZGt2ZlNkdVNmUk1W&gdpr=0
Request Chain 311
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
Request Chain 313
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1694656113477 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4845034350 HTTP 302
  • https://sync.1rx.io/usersync/turn/3755434574394558207?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dr1%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3DRX-733db2ff-9718-4cc6-97df-a1f9e154259a-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Request Chain 314
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=9259014c-5d45-41f3-9442-0a177be36a87
Request Chain 315
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HUTsRTZHzRTZdkvfSduSfRMV&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:660de2c5071f8506e774ec455a572246
Request Chain 316
  • https://um.simpli.fi/lj_match?r=1694656113222&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=62585BD686A14631B68DFA0C90655AFC
Request Chain 326
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZQJmcK6YaIc9CuPdC5Nm1wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAq-_HpEy50SZAVVjpYXsmE&google_cver=1
Request Chain 327
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&expiration=1697248113&gdpr=0&gdpr_consent=
Request Chain 328
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
Request Chain 330
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244916178&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&892=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjFhMGYxYjEzZTc3N2VlMDRlYjRiNjU3NmM4MGJiYQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEELEjc1AbK4e7EHqWeeDTBs&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&159=CAESEELEjc1AbK4e7EHqWeeDTBs&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&892=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/61a0f1b13e777ee04eb4b6576c80bba?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-_o9BD3BE2oOq2iiWrOy_SBOC.t3C0iwuDTgMNU5J~A
Request Chain 331
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6925968712063387391
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NTFiYzY3OTEtOTIyYS00NzA3LWE0MzAtMDJlOWU2OTY4YTU5 HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 344
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=59512d83a3
Request Chain 345
  • https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&gdpr=&gdpr_consent=
Request Chain 354
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=cac43a95-c82c-4eb6-98d7-a64822e54146&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 355
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7070083900139243263&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 356
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=PR6DaPhEJScs5_0EgUF8&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KBJDMRDBKBUEKSSTMNZTKXZQIVTVKRRY&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KBJDMRDBKBUEKSSTMNZTKXZQIVTVKRRY HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=PR6DaPhEJScs5_0EgUF8
Request Chain 357
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&dongle=4430
Request Chain 360
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553%26partner_url%3Dhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3646%2526xuid%253D54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553%2526dongle%253D1fa5%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553&partner_url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3646%26xuid%3D54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553%26dongle%3D1fa5%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 361
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4504996329023759877773 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4504996329023759877773&dcc=t
Request Chain 362
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=pxhedKI41QGBt75
Request Chain 363
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZQJmcQAM9T8cEAA4
Request Chain 364
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=6502667195A4A796B565A0D4BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D6502667195A4A796B565A0D4BLIS HTTP 302
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=6502667195A4A796B565A0D4BLIS HTTP 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia HTTP 302
  • https://tr.blismedia.com/v1/dpusync/6?uid=LMIIHS1V-P-5LTY
Request Chain 365
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=56M1mY00qBDHN006IpUN
Request Chain 369
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=2G_gb-Drw6wNxhPCoAEk_A==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 371
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4259837732660053759&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 378
  • https://idsync.rlcdn.com/712068.gif?partner_uid=d92a179a-512b-4bde-a7d3-e5517625d63a HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIS7KxIwCiwIARCPoAoaJGQ5MmExNzlhLTUxMmItNGJkZS1hN2QzLWU1NTE3NjI1ZDYzYRAAGg0I8syJqAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=71eb096a0d62f02a5c309c19bc251318a1f53c3b872a4d6a0f1f53b1ab9a28ff791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3MWViMDk2YTBkNjJmMDJhNWMzMDljMTliYzI1MTMxOGExZjUzYzNiODcyYTRkNmEwZjFmNTNiMWFiOWEyOGZmNzkxNDI2YjU0MTdkY2UyMRAAGgwI8syJqAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3MWViMDk2YTBkNjJmMDJhNWMzMDljMTliYzI1MTMxOGExZjUzYzNiODcyYTRkNmEwZjFmNTNiMWFiOWEyOGZmNzkxNDI2YjU0MTdkY2UyMRAAGgwI8syJqAYSBAgCEABCAEoA&google_gid=CAESEFnQhbzMfnzrQgmaZPD7Yg0&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=1b0e3ee4-ed50-4337-8e6d-26fede73ddc8
Request Chain 379
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&892=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/61a0f1b13e777ee04eb4b6576c80bba?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-_o9BD3BE2oOq2iiWrOy_SBOC.t3C0iwuDTgMNU5J~A HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&717=y-_o9BD3BE2oOq2iiWrOy_SBOC.t3C0iwuDTgMNU5J%7EA HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjFhMGYxYjEzZTc3N2VlMDRlYjRiNjU3NmM4MGJiYQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEELEjc1AbK4e7EHqWeeDTBs&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&159=CAESEELEjc1AbK4e7EHqWeeDTBs&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/61a0f1b13e777ee04eb4b6576c80bba?gdpr=0&gdpr_consent=
Request Chain 380
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4379871299077307740
Request Chain 381
  • https://sync.1rx.io/usersync2/sharethrough HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1079788865 HTTP 302
  • https://sync.1rx.io/usersync/turn/7430371870328882943?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dr1%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3DRX-733db2ff-9718-4cc6-97df-a1f9e154259a-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Request Chain 382
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
Request Chain 383
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFaG0wN0tCTTBBQUNUbEdfR253UQ&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQWE7KBM0AACRJppVvKw&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cshr%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFQWE7KBM0AACRJppVvKw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cshr%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cshr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFQWE7KBM0AACRJppVvKw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFQWE7KBM0AACRJppVvKw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dshr%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=shr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=2645321459625716905&gdpr=0&gdpr_consent= HTTP 303
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAFQWE7KBM0AACRJppVvKw&gdpr=0
Request Chain 387
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4379871299077307740
Request Chain 388
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB
Request Chain 389
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI6YU7KBM0AACR-q6IW4A&expiration=1695865714
Request Chain 390
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQJmcQAM9T8cEAA4
Request Chain 391
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
Request Chain 392
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2645321459625716905&gdpr=0&gdpr_consent=
Request Chain 393
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4187780138622125823
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
Request Chain 396
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KYBWCbN0R_-RqEukiD3x-w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KYBWCbN0R_-RqEukiD3x-w
Request Chain 397
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Y80wzcSbT78x_sbtNPvusw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CORx_49E2oKkaSpRSv.kJ05PTCRieGfZ2Klf9g--~A
Request Chain 398
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=&expires=30
Request Chain 399
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Qpn5uBcRS7-ZkyxUMm_qTw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Qpn5uBcRS7-ZkyxUMm_qTw
Request Chain 400
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWU4ZGQ5ZGQyZDhlOGI3ODhmYzM2NTczMGE3NTIzZTczZDY0YmM5OA
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDM_RW9xlSsYjgTE53qzbW8&google_cver=1
Request Chain 402
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMIIHS1V-P-5LTY
Request Chain 403
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1JSUhTMVYtUC01TFRZ HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEImAXklDfMlHUGppMT72vpY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1JSUhTMVYtUC01TFRZ&google_push=
Request Chain 406
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 407
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Drkt%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3376577122889957000V10&type=rkt&refUrl=&vid=46561142953376577122889957000V10&ovsid=2018245966358085774
Request Chain 409
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=son&refUrl=&vid=46561142953376577122889957000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=son&refUrl=&vid=46561142953376577122889957000V10&ovsid=26316e79-f7fe-484b-8290-f2925053d4f6
Request Chain 410
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dcon%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=a4058f6ef54253a&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dcon%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=con&refUrl=&vid=46561142953376577122889957000V10&ovsid=AAANT27vaAWuAANA1MiOAAAAAAA&expiration=1694742514&is_secure=true
Request Chain 411
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dopx%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3376577122889957000V10&type=opx&refUrl=&vid=46561142953376577122889957000V10&ovsid=cf1503cc-e26d-4062-88fd-211bc1f78c9a
Request Chain 412
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dr1%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6761372214 HTTP 302
  • https://sync.1rx.io/usersync/turn/3984833381878859519?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dr1%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3DRX-733db2ff-9718-4cc6-97df-a1f9e154259a-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Request Chain 413
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Ddxu%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=dxu&refUrl=&vid=46561142953376577122889957000V10&ovsid=pxhedKI41QGBt75
Request Chain 414
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5ad7e647-26b3-46c1-a65b-3b39a5531475&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 415
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bdc66407-e883-4535-97dc-d865405e8882&ssp=medianet&gdpr=0&gdpr_consent=
Request Chain 416
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dzem%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=a3VMpG-DQSOzva5Gsq4y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLBGNLE24CHFVCFCU2PPJ3GCNKHONYTI6LIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU2DMNJWGEYTIMRZGUZTGNZWGU3TOMJSGI4DQOJZGU3TAMBQKYYTAJTWONUWIPJTGM3TMNJXG4YTEMRYHA4TSNJXGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLBGNLE24CHFVCFCU2PPJ3GCNKHONYTI6LIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU2DMNJWGEYTIMRZGUZTGNZWGU3TOMJSGI4DQOJZGU3TAMBQKYYTAJTWONUWIPJTGM3TMNJXG4YTEMRYHA4TSNJXGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=a3VMpG-DQSOzva5Gsq4yhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=46561142953376577122889957000V10&vsid=3376577122889957000V10
Request Chain 417
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3376577122889957000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3376577122889957000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=1d26a40e-5f61-4df7-815a-249f7e5e2302&cs=1
Request Chain 419
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8
Request Chain 420
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1710380914&external_user_id=523937bd-889d-4bbd-b005-e75b74a013fa
Request Chain 421
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=62585BD686A14631B68DFA0C90655AFC
Request Chain 422
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Request Chain 423
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yJl0XsiacgrTmXZfzc5pXM2VdVjTnnNemJoUHJxe
Request Chain 424
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQJmcQAM9T8cEAA4
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
Request Chain 426
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4379871299077307740
Request Chain 427
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=e2eacde4ba85ddbf00a5bdad6c78b58b
Request Chain 430
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LMIIHS1V-P-5LTY HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LMIIHS1V-P-5LTY
Request Chain 434
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFQWE7KBM0AACRJppVvKw&expires=30
Request Chain 435
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LMIIHS1V-P-5LTY HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LMIIHS1V-P-5LTY HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D793790479%26rnd%3D1831884150&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=793790479&rnd=1831884150&pcid=4379871299077307740 HTTP 302
  • https://x.bidswitch.net/sync?ssp=sekindo&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1267919208%26mi%3D10%26csh%3D793790479%3B1709765917%26rnd%3D107371069%26pcid%3D
Request Chain 436
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LMIIHS1V-P-5LTY&redir=true
Request Chain 437
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LMIIHS1V-P-5LTY
Request Chain 438
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LMIIHS1V-P-5LTY
Request Chain 439
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=04b5448b-5f47-4bdd-b1f8-4c0eedfda15d&expires=30
Request Chain 440
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=1636984531879615243
Request Chain 441
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Request Chain 446
  • https://cms.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0&gdpr=&gdpr_consent=&us_privacy=&redir= HTTP 302
  • https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=DBo6DQwZPFkXGjgMCU0nDwkWOwsXHT0NXBkErh93
Request Chain 449
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=4379871299077307740
Request Chain 456
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245966358085774
Request Chain 457
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1504602227 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8fe62721-aec1-4b0f-a07d-1b94d52b81c8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-733db2ff-9718-4cc6-97df-a1f9e154259a-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Request Chain 458
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:62585BD686A14631B68DFA0C90655AFC&gdpr=0&gdpr_consent=
Request Chain 459
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=B115E008-E131-42D6-BFAC-2E49AC5E28A3 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D793790479%26rnd%3D1075362375%26pcid%3D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=793790479&rnd=1075362375&pcid=f09c8ce3-052b-4271-afd7-c9569f505d53 HTTP 302
  • https://ads.yieldmo.com/pbsync?redirectUri=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1868283820%26mi%3D10%26csh%3D793790479%3B1486637409%26rnd%3D-481747917%26pcid%3D%24UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1868283820&mi=10&csh=793790479;1486637409&rnd=-481747917&pcid=3RiEKkZCCAZthjlkRpSu HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D793790479%3B1486637409%3B1868283820%26rnd%3D1446596794%26pcid%3D$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=793790479;1486637409;1868283820&rnd=1446596794&pcid=4504996329023759877773 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1881119486%26mi%3D10%26csh%3D793790479%3B1486637409%3B1868283820%3B259151345%26rnd%3D1264497559%26pcid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=793790479;1486637409;1868283820;259151345&rnd=1264497559&pcid=[sas_uid]&cklb=1
Request Chain 460
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B115E008-E131-42D6-BFAC-2E49AC5E28A3 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=52ff1535-842a-4ce2-b4cb-df864a837f9e

471 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.turtlediary.com/
Redirect Chain
  • http://turtlediary.com/
  • https://www.turtlediary.com/
173 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
068b1844a7bf0f2db5f33f3ac2e20980733ae1d3feae0c6c0637cb68f0d0b10d
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-headers
Accept, Authorization, Origin, Content-Type
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
access-control-allow-origin
*
age
17985
content-encoding
gzip
content-length
28958
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 20:48:41 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
vary
Accept-Encoding
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-id
M7bJ_MKW8kiqzvy8UJqiQ5_WpWZ4iAh3whPvBkvB4NSIXaCxtj972w==
x-amz-cf-pop
SYD1-C1
x-cache
Hit from cloudfront
x-frame-options
allow-from SAMEORIGIN
x-powered-by
PHP/7.4.14

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Thu, 14 Sep 2023 01:48:26 GMT
Location
https://www.turtlediary.com/
Server
nginx/1.18.0 (Ubuntu)
/
www.turtlediary.com/min/ 		272 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
81210e7ce6c6033375740aea23a5844dec8a611027f6bb3b7c44d1fdebe3a4ec
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 02:02:21 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
85565
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
44294
last-modified
Tue, 12 Sep 2023 06:14:04 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1694499244;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
yucYzzWL-At4wuqfx8nNEdKMvD-2otiLpbRmwbJgebUW7i5QbDGsGw==
expires
Thu, 14 Sep 2023 02:02:21 GMT
css2
fonts.googleapis.com/ 		8 KB
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Dosis:wght@200;300;400;500;600;700;800&display=swap&v=?ver=59.32
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
3988cd2abb8e7c863fa05d202933cb13ed0fbf32efbf30188312375cb85e930f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:19:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Sep 2023 01:48:27 GMT
js
www.googletagmanager.com/gtag/ 		281 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W1C8HMBE0D
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bd04b5e88253c3d056f26555cb388702d9d8702ad3a2aa2c5ce1f67177c75bf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94658
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Sep 2023 01:48:28 GMT
td-logo-3.webp
cdn.turtlediary.com/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/td-logo-3.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bad4155111cfa8d146fe8dcdcf3935651d730dfd8fc67550c14f8ae8fe41bb69

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
2sUMdTA_FDT2HqmxWnlmGyu7yYWYqo1T
date
Thu, 14 Sep 2023 00:53:43 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
3352
etag
"1bf86a227e34fd0e168e424f076f3a28"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2870
x-amz-cf-id
spIw_ETh_tL7nqw7gA247Xu1py5v7vep63opr7d8VmR2dQMVu_P_fw==
assignment.webp
media.turtlediary.com/homepage/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/homepage/assignment.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4a9c7e802b59da407d928f885788fca893d1e025169c9c2e32806143c23fdc0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
y1.UAig00LON3aL4HQFyL0kg4vkg4EbJ
date
Wed, 13 Sep 2023 03:18:09 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
81100
etag
"3cbbd4a0ded33d4e7975634452871130"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2272
x-amz-cf-id
a1ZChw3L7k0Rb7FXf1lziAHcLFoxI2ccb0MiWARPv3QFRGjvVTeZYA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.202 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Sep 2024 20:38:00 GMT
positionscroll2.js
www.turtlediary.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/js/positionscroll2.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
9c5eab6657a64c3738f572154f23d884c4d15da744a4eea7f6cc0d4a942d2bd9
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:17:08 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1218679
x-cache
Hit from cloudfront
content-length
2711
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
8w8gWmFjlJIH0Y7D8KEeLPaV2FTverefC6ek8CK1Kasfhk3CCc8nOA==
expires
Wed, 06 Sep 2023 23:17:08 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1126359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1568
last-modified
Thu, 22 Jun 2023 11:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1a-620"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZcTTF2reXlb2YBHZb6yvuihxmFsBaRXFQ%2Fe8M5x7cIcvqeADmnJE19oQB7cWA%2FgPGQr%2FWLwil9YXl80upS7Eo3YhBrkvASvH2vFYj15FvMlParXyDCllr7YVItHzu%2FvbHk162hs"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8064f7c20891a977-SYD
expires
Tue, 03 Sep 2024 01:48:27 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1151310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27187
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-6a33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzB3clEO%2B%2FX8iRZkMYiaB9g0JxolmpRghuvHiV8PNquemlSUcsFJxlOHxlK4Z%2BsdBQZlWEOJ90kO%2F%2FUkQYbLgIKCtthw%2FV31MsXHx5UCDWt9rmoq%2FeYraNeg9qlc%2FPAS%2Fg9fgh9F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8064f7c218b3a977-SYD
expires
Tue, 03 Sep 2024 01:48:27 GMT
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4166188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1399
last-modified
Thu, 22 Jun 2023 11:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1a-577"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ji5zLhLcYh1C3mmML4RefcGr5JtyvvHUQZ3UVkmztlE1DllRnp7W5AfhfF0TOIByaR%2BbMAExHHWmFY0H00yU2JORcRi%2Ban2mNu87CUyrx1TprJGeCWYNR%2F7DP7NEAUtrLBFuIdnw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8064f7c238e8a977-SYD
expires
Tue, 03 Sep 2024 01:48:27 GMT
adv-rt-img.webp
media.turtlediary.com/homepage/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/homepage/adv-rt-img.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c561d7fffec8bd07961d6d60c7be2d27f6898d162b603329254f6dcef7394d53

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
u6PLcvIPylJwCAka00RUmK9URXMKr099
date
Wed, 13 Sep 2023 23:20:34 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
9016
etag
"244065c3ea0b6b8f7862858e45233ce8"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
6096
x-amz-cf-id
a3bD2IyC2zm_0IP4R1ick3QrUSXmjGHg5Ou1p9xFAAZ9FbHJEwprDA==
adv-lft-img.webp
media.turtlediary.com/homepage/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/homepage/adv-lft-img.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35981b6766cb407cfcff7271ceff3057e9ad15da9a56bf9cac2dfe5bb9f5cf47

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
5e3049gEVsB9kdwTE.GuO2lds.vM7Shm
date
Wed, 13 Sep 2023 23:20:34 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
12301
etag
"b5a2d3d4e5a802c50f5d35e31c77442a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
6568
x-amz-cf-id
yY4L5GS1I3Ou_Z3QANyhPJLfq904ydXPjk3wZtcSR4a_akSgGDbNNg==
car-race-multiplayer-th.webp
media.turtlediary.com/games/span/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/car-race-multiplayer-th.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2531c060499a31d29528942642ecaf731ca7d26f8c2ffe3b9aba20f79a51419

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
dZeLjLivMnqLNL69h8CtqjkB9CkM2Z4l
date
Wed, 13 Sep 2023 03:15:40 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:19 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
81169
etag
"94cabeea6c460450113a6f1b19a56155"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5200
x-amz-cf-id
fgx0C1_zWRvMGuW5DTadDqZ_3A4DSU0iYbJ681bHqL2OamfYR0OMUw==
plyThumbOn.webp
media.turtlediary.com/homepage/ 		940 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/homepage/plyThumbOn.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5ee1ee672866c689ca31e8c8ed157d602f67f0e25125cadebff402152a5f0e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
yOkKWrOJAheBdk00cgu2C.K4WV1hNiD3
date
Wed, 13 Sep 2023 23:45:30 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
24807
etag
"021c8a7abb4f42a3f492f1c8c260aa86"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
940
x-amz-cf-id
exAa0gxEeeJ3YaYokfz83mG6dRggLr9rleraSSxQYz1Ctpav3amJSw==
basketball.webp
media.turtlediary.com/games/span/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/basketball.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfb95277447e40b12c0841ece47ecc7b56e0e596e2ba986c31fb09db7d76c844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:40:22 GMT
x-amz-version-id
vADIfdDz.ibrIrGEB9iCjN3OLlLLcw7Q
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
4086
etag
"c6d91cf51d7019bba904fa99d3ce442b"
vary
Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5382
x-amz-cf-id
XonUJnpWG28UOWrMerrqDJRHrsaYK0EY6kGlqZrnkrK7ojn1a5Gstg==
ninja-car-race-multiplayer.webp
media.turtlediary.com/games/span/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/ninja-car-race-multiplayer.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92033b58253abb0529325a307ee85442a1fdea546a274288480595391784a510

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:40:22 GMT
x-amz-version-id
JwFMk3Bl0Vc3ZwhRtzP8KmqjMCd9N8GD
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:49 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
4086
etag
"fe03d8ba7054ce8e1811d321f2441dfd"
vary
Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
3734
x-amz-cf-id
J9ze2GRd8uMnej7ZJfM11hQcOnPK1-TKN4Ha6sE7gNVz9RU89c0kwQ==
preschool-color-by-number.webp
media.turtlediary.com/games/span/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/preschool-color-by-number.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
781a26644f200441299dd3f071392c63fcf15cab6a77f699936866a2b9d6c883

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:08:24 GMT
x-amz-version-id
V4LdJO9S2eAepykZyZYWLioeOZxVKBRM
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:52 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
74405
etag
"6f76f25371b7bb3face630e32e514f2c"
vary
Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
4252
x-amz-cf-id
r3g553Hng-Tbp_IPgBmks3eVCyrlvgCRb5Z8_sL4zQ9FRa_-q2ywTA==
car-race-multiplayer.webp
media.turtlediary.com/games/span/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/car-race-multiplayer.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caaccf1f675a43bfcd899e0530dc1d60bab848db13170024b741abf316d02c73

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
dsFvqS2pJEwQDcyFeyUxGft.8pE7kZnh
date
Wed, 13 Sep 2023 07:36:00 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 13:21:01 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
65548
x-amz-server-side-encryption
AES256
etag
"4bef26a172f138ddac863bb5876dbcc3"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
content-length
4110
x-amz-cf-id
vB6kG1jW_Y_fI-5qTDoGSwYLrSqLpfmqp4opTfXHYNk3pZT-r5BvEA==
climbing-stickman-multiplayer.webp
media.turtlediary.com/games/span/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/climbing-stickman-multiplayer.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
334416c325a77993e33c282928a7f6b05d28c54ed5aaebfc9fd1614008c81ab7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
xsb5h56vXe__eeESpTpjgYBOMcPCEWC5
date
Wed, 13 Sep 2023 22:34:40 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:19 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
12300
etag
"244d88d55c142e75a0b1bbf1fb67e191"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
7314
x-amz-cf-id
OBqGpyoedXubiDY-Iw1bJKPwRiuU5rfZaYjX67PJL_-tPAaAB7egSw==
what-are-nouns.webp
media.turtlediary.com/games/span/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/what-are-nouns.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7f1618546c551ed350b3f5c066681e91bd17ce9f2eaf1c539f2a65cb3e1966d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
nc8VzkJQsLLgPLggmNj6b_dpam.TO2_D
date
Wed, 13 Sep 2023 03:15:41 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 06:30:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
81168
x-amz-server-side-encryption
AES256
etag
"b4b2dc6a169650419bbb597718b13974"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
content-length
5432
x-amz-cf-id
vlOQepSo73o52sF24W_uaWUApKBGgKLtEH9mfxI64kM6y89kMV0oCA==
balloon-typing.webp
media.turtlediary.com/games/span/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/balloon-typing.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bb3c40a43446eab98cb29c3b7981dee8aa8be1be445fdcbf2e50067e39e6875

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
0mEKqrWuH.PpaGKm9oGilhaalsFWT8x_
date
Thu, 14 Sep 2023 00:45:00 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
4119
etag
"fba9af9799d3d59c42b757ca799186a5"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2836
x-amz-cf-id
oqVCCU9xRTDsLhgUpY-4-50XConw3A8Q9GLVKD0C9EqGtu9ZMQVqdg==
candy-typing.webp
media.turtlediary.com/games/span/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/candy-typing.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5871778f6ee047af0d2aa445d97b568e374fab1f88da69e5f1041939f3474fc4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
cEsGB7VZ1a4DMgeKRLVZ6JnSfJ8.96On
date
Wed, 13 Sep 2023 23:20:34 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:19 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
12300
etag
"c400fbf3bc5459889d29a15a6b59a5e2"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
4276
x-amz-cf-id
htqgY75b0N-cEgptGIoU7gpgJKSMFso1Xd-nEpmrKwBBKI-yGof0fg==
typing-race-beginner.webp
media.turtlediary.com/games/span/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/typing-race-beginner.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfff50bcb36b80b74e247520c693eb6fb98acf98846ec881bee58f40621bad04

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
avCQ4awQG2vXTRaGOAK30Gb1Yh0ONcFo
date
Wed, 13 Sep 2023 03:15:41 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
81168
etag
"ca076a46ba2b34b1a1fae4cb40b54497"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
3976
x-amz-cf-id
-ZbOndgygUpVwYyHQ-6pOxenrQEyujJU9l5BM2csD3prtJiGgyEnNw==
adjectives.webp
media.turtlediary.com/games/span/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/adjectives.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6afccb36cc72c062ca509621e44c2e4aff0a7ea12d6f511e1fe5f80c57d5bb8d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
8lNkE18XXjo.aQqaju.0NEVnPHuRzYHY
date
Thu, 14 Sep 2023 01:20:55 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Fri, 25 Nov 2022 10:48:51 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
1654
etag
"fc54b341528b508d41ba5fc8252ffb89"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
content-length
16644
x-amz-cf-id
Mc62-mUNcvQJ4bVxOyu-IoI9hJULoLD0E2Ai0qlhOtU8NpYN2Z6JIA==
archer-vs-archer.webp
media.turtlediary.com/games/span/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/archer-vs-archer.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-63.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f97529cc41eadff328eb928678cfe853a82d1834bf34cede59315577d11663d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
nbDXXmsErP_W3ZbDA1e66M_anyYuVdaZ
date
Wed, 13 Sep 2023 03:15:42 GMT
via
1.1 b798288227eabcd45c0b7368df2cc344.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:17 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
81167
etag
"178f12424e13b2f41df65124e7afb57b"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
3158
x-amz-cf-id
Jg-V6S2gij6G14ypO6Z-t5TyPCIvcF6t28n3ODzIH5N-VkAmLpdCWg==
td-logo.webp
cdn.turtlediary.com/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/td-logo.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf49e27fc683ba28a41f55094272531e6b8375d5c37e90392a671f5c551a2888

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
mHMgW7OEMz_g8NyEx9sbRhHsP_jZeo30
date
Wed, 13 Sep 2023 19:38:51 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
22178
etag
"35df5228350d00f2008ffba3da6de96c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2692
x-amz-cf-id
M8J6uSKEmfY9UDxwtxeSlS00ULmjf8lXSoYdOJi-ToLc1ILbjr1AGw==
xleading-educators.webp
cdn.turtlediary.com/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/xleading-educators.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c51666dc597f3c00d8b96c9cdcea12f28b4add101103868b0df81fbaa0b069f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
4FUA0yaaaV8SYzc58VTew5TodZL9RFQN
date
Wed, 13 Sep 2023 03:16:52 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
81097
etag
"e2b76b3ca8979422326401c07af39dbb"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
3084
x-amz-cf-id
zvxS41K2IKHBDmSR8rJuWluNICToiDkkjB1ilXSxzj9-e-PyegPo3A==
gw-kids.webp
cdn.turtlediary.com/homepage/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/gw-kids.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94250919b0ff8ec072aa2503949b2aa0d54064c771413d59f9e688f4edff260d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
fgzrhKHFkhP3mWf.Ig_UbhjKeSdfDYD8
date
Wed, 13 Sep 2023 03:16:52 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
81097
etag
"9049e4fcf27efd6fc5eb8e005a58903d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2522
x-amz-cf-id
ObSA4dgUYkpcOIEmB5pXccca59YB4zS2FeGEBIjFD4YN9p-2MvJrHw==
home-school-img.webp
cdn.turtlediary.com/homepage/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/home-school-img.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdf89d1a74034d42ce15ca995a045aa9a3dac6a12209cba90445d6a0ca2368d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
RqNfQqscqg8f2GnP9FQy8OhFaKp5bGqb
date
Thu, 14 Sep 2023 00:53:43 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
3352
etag
"841cdc4243d36ce2725035ef2e60fbe7"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
1820
x-amz-cf-id
-js5W5jNqUEnCWcO7xXo5Nw7J4Ablon-mLpWB9Vx8hUfHT1sZe8Fyw==
ads-badge.webp
cdn.turtlediary.com/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/ads-badge.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc76ad27ec124c4daa115980a9bea11d31252e3f7a580b455e5578f90a2ef98d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
S753Bf1zJ0TM6kTVSGkZWozCI0Hk0J1i
date
Thu, 14 Sep 2023 00:53:43 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
3352
etag
"66bea8b05cd38d033b7b619ac5c92edc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
3032
x-amz-cf-id
MjotWMli9bU8BSM7HkyUPZdO2McjiCunBLXeoch4KqGkdVQY8BuNxA==
socket.io.js
nodejs.turtlediary.com/socket.io/ 		105 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/socket.io.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.53.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-53-163.compute-1.amazonaws.com
Software
/
Resource Hash
78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:28 GMT
cache-control
public, max-age=0
content-encoding
gzip
etag
"4.4.1"
content-type
application/javascript
client.js
www.turtlediary.com/js/html5/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/js/html5/client.js?v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
bd351964a6d11d6d1080c25b6d081821d598622929758e010a337bc04710a5aa
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 23:17:08 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
1218679
x-cache
Hit from cloudfront
content-length
3170
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
GMix6L2TIwbkBg-sUm8bFXp6Wro7pn9YW8BwQA6FUJLAV8bBGtk6cQ==
expires
Wed, 06 Sep 2023 23:17:08 GMT
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:28 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d84"
vary
Accept-Encoding
x-hw
1694656108.dop212.se2.t,1694656108.cds055.se2.hn,1694656108.cds001.se2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
custom.js
www.turtlediary.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/js/custom.js?v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
abb60e7cf9f019236835676934158d2c4ab822b64e56b9afa627bde68c0e4a5b
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:01:23 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
866824
x-cache
Hit from cloudfront
content-length
767
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
5eOtcUHHJAnqSVya2WVv6jMbIqQKB5_XmZcvpG7S19nAoyx-lSw2mQ==
expires
Mon, 11 Sep 2023 01:01:23 GMT
/
www.turtlediary.com/min/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=tdjs&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
3df6b36b3d9ec91ec8ee170906cc6ef2f2247be1d1e715880ee5477dd38c4e37
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 08:57:07 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
60680
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
3598
last-modified
Wed, 13 Sep 2023 07:48:52 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1694591332;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
wnJrEY_NHvxM7JGnlknFWc6XJqTVRg9bSLJzfQfOLFEVi5qblkMtWw==
expires
Thu, 14 Sep 2023 08:57:07 GMT
/
www.turtlediary.com/min/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=jqueryjs&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 08:57:07 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
60679
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
33217
last-modified
Wed, 13 Sep 2023 07:48:52 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1694591332;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
Jttlfbt53YSJ8PTSmrN84cNTz98h9cpYhshJQ2miRCRa4cKEl7M5Wg==
expires
Thu, 14 Sep 2023 08:57:07 GMT
/
www.turtlediary.com/min/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=footertdjs2&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
ad6e2d53f24ebad6e0d6be3058074a91caef2453cceba2b27e4774e1c88e3afe
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 08:57:07 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
60679
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
2517
last-modified
Wed, 13 Sep 2023 07:48:52 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1694591332;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
sY-KVRsDwcYp7OlVz1PD7m0UVOyFZjZmyY8O2ZKQtNJ04qb4NXcGJQ==
expires
Thu, 14 Sep 2023 08:57:07 GMT
/
www.turtlediary.com/min/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=footertdjs1&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
778599c0c8c1d5e2f5f9f4776c0a15f08eb09b0a3a7617f1ae9c4b05c8109b03
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 08:57:08 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
60679
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
15200
last-modified
Wed, 13 Sep 2023 07:48:52 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1694591332;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
lbaN4PYfXH49Ss6rQbCnkSy8Z4ym38f_QHmSqRynr8EAqBz00ENMug==
expires
Thu, 14 Sep 2023 08:57:08 GMT
/
www.turtlediary.com/min/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=footertdjs3&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
e2e1ad18cce5424b905ba2f78b3970a9f26ce651ac6c03b99d706e639d392b06
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 08:57:08 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
60679
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
2302
last-modified
Wed, 13 Sep 2023 07:48:52 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1694591332;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
Jc_CcLNAL1Hx8U6jKtCKeiHb9S1snGHMe2kq9LocGLHfUix2Uozzbw==
expires
Thu, 14 Sep 2023 08:57:08 GMT
/
www.turtlediary.com/min/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=bootstrapjs&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
980c96107d8f974d249b98757877f4a51db8cf7172903fe99aba4b5466631ee1
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 08:57:08 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
60679
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
9907
last-modified
Wed, 13 Sep 2023 07:48:52 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1694591332;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
mvNYEwtuR-_bJTj3Urj3RoSMlRKpTaDot2XJ-5y7tHare_kXlZWAPw==
expires
Thu, 14 Sep 2023 08:57:08 GMT
cls.css
a.pub.network/turtlediary-com/ 		677 B
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/turtlediary-com/cls.css
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a66769f27a6b02b1c7be723a3c9463b4eaf780813e94c8f3d811a29623a9a191

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:27 GMT
content-encoding
gzip
cf-cache-status
HIT
age
30
x-guploader-uploadid
ADPycdsTqaYElQorLAZWRZQ_T8p9IefprB_MNfCuLY1M0RO8syv7x9ZMSWyd3dAGjpCd1RHkKQRQFKgAAG13L2m31nW540TDG2Ns
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 07 Sep 2023 17:16:57 GMT
server
cloudflare
etag
W/"01f2519530968ee0624a921da137ddc4"
vary
Accept-Encoding
x-goog-hash
crc32c=ObyTmw==, md5=AfJRlTCWjuBiSpIdoTfdxA==
x-goog-generation
1690992326393232
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
677
cf-ray
8064f7c20b17aae4-SYD
expires
Thu, 14 Sep 2023 02:18:27 GMT
pubfig.min.js
a.pub.network/turtlediary-com/ 		105 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/turtlediary-com/pubfig.min.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2970e13f9d1d74db610f1694d6d35b043a188d8eb175d59e8c262c703d72d74b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:27 GMT
content-encoding
gzip
cf-cache-status
HIT
age
103765
x-guploader-uploadid
ADPycduEJW_De9So-0ekQVJ-f1MAa9IfIFtBT_XmL_v561CnVZg0N96TQir4lzVeppoWecqtUneag0MjQY6KyZlQhKQJoej_mfYB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 07 Sep 2023 17:16:57 GMT
server
cloudflare
etag
W/"2637d1a4347693da1a58ff32ee06df7b"
vary
Accept-Encoding
x-goog-hash
crc32c=nnJinQ==, md5=JjfRpDR2k9oaWP8y7gbfew==
x-goog-generation
1694107017531375
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
107102
cf-ray
8064f7c25b5daae4-SYD
expires
Thu, 14 Sep 2023 02:18:27 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 14 Sep 2023 01:07:25 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2463
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 14 Sep 2023 03:07:25 GMT
fontawesome-webfont.woff2
www.turtlediary.com/fonts/new/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/fonts/new/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

Referer
https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Origin
https://www.turtlediary.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 08:54:41 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
60826
x-cache
Hit from cloudfront
last-modified
Wed, 13 Sep 2023 07:48:52 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"10440-60538ca622100-gzip"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
E9wQZc10ILxzzh-r6v-S4Ps14ETHoJCt8yGP6PsmoTduCrRxqtKGPQ==
HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v32/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dosis/v32/HhyaU5sn9vOmLzloC_U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Dosis:wght@200;300;400;500;600;700;800&display=swap&v=?ver=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
0dcac7cabd17a67b5d09d54d506c6ed734516248e9e8552d194b1a5cf16b7722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.turtlediary.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 17:14:37 GMT
x-content-type-options
nosniff
age
462831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30208
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:45:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 17:14:37 GMT
091934170fd4e1cc42971ab.main.js
fronttoad.com/dist/fa1218bde8a6ad2/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fronttoad.com/dist/fa1218bde8a6ad2/091934170fd4e1cc42971ab.main.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/turtlediary-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.63.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.63.160.34.bc.googleusercontent.com
Software
/
Resource Hash
1d5c3445a40c989c6f847debe346695ab7397d4948e18ebb0e7c10ba601add42
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 14 Sep 2023 01:48:28 GMT
x-datacenter
gce-asia-east1
etag
"e3cd5a7da51fcf61ff7a7b1eb0fca074bb21cc2a08c1c5ea20ae619b58acc541"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-0scq
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
998028631
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
configs
d.pub.network/v2/sites/turtlediary-com/ 		46 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/sites/turtlediary-com/configs?env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/turtlediary-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
35870d40b901cf06a65551276fbee09a664747dbebda85739f8e28634156d67e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:28 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grades.webp
cdn.turtlediary.com/homepage/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/grades.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d037ba3209044db2ccff64a55106d5e69f4f0e4b78429fcdf1ca12936edb519e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
jLteJADQyQUHhaNu44ZBjLZrpmWFZzR9
date
Wed, 13 Sep 2023 23:20:34 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
17984
etag
"6f678c4c10d00cfb5e090fa0b0c622e4"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
198366
x-amz-cf-id
J5rFGS1Hr_j7jmdvFNdDshIaMxz9yzfIU5l1Ebf-Nd6aSZFNqSBvgQ==
grass-bg.webp
cdn.turtlediary.com/homepage/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/grass-bg.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d4ee19b918d965bcd79df0e57ea9b99e928e0302a09e534a587975126f2f920

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
URdG38hH2n9lkRnBxYr.kppEjM9jmkGy
date
Wed, 13 Sep 2023 07:47:17 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
64872
etag
"485e3f7eea01b61ff832db198e1cc6c2"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
15724
x-amz-cf-id
Y8qnGbk5WSMsNrEUKAyN16UIIUv3Ort7No2UZEMbaLBaNUPf15edbQ==
circular-ribbon.png
cdn.turtlediary.com/homepage/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/circular-ribbon.png
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68fb114544676a7ff3da526d1c5944d17659f972759f4d6712dc03989ca078a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
xxQQIdno6HZb6Uk33F0J4K0dTZXBOvQo
date
Wed, 13 Sep 2023 03:15:41 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
81168
etag
"0ef11f5b8493c2e0b9fabbec839af632"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3706
x-amz-cf-id
x330QOiSs897CY9hjgor1F6uDx_B7TvF_l6_lRka7Mk-m0Rews4O1Q==
topics.webp
cdn.turtlediary.com/homepage/ 		218 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/topics.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d16cfa1e268735fa201c27d03314ddbcd003f3164214fa04462eb19222eed5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
DbJmoWLRGJ5NibucR3r0RsbPeA0o7BBB
date
Wed, 13 Sep 2023 23:20:34 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 10:20:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
12300
x-amz-server-side-encryption
AES256
etag
"6d6592b012a713e37cb9b4272660ce88"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
content-length
222750
x-amz-cf-id
r8W_piUy27j1EqyfFHc6am34NaJ3eu9OCWcUvNk6ZvQt7DKsKIQRag==
cloud-bg.png
cdn.turtlediary.com/homepage/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/cloud-bg.png
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b08eca7e48d4cdb0c939b874869d7e2f404de6328519c758e70301cffb01afd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:08:10 GMT
x-amz-version-id
nttfsSB_m2oMthe44iKvB2CkAu2E0k8y
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
70819
etag
"1614f5d942541a6d968950211128a5de"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8464
x-amz-cf-id
aEOh8K_kBy6bBuRlgFY4Zqh1Lb1VuEJTU5SS_BTwzg3DvxX_MY6Q-A==
ajax-loader.gif
cdn.turtlediary.com/homepage/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/ajax-loader.gif
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
.FabN2arNKFI7OWKmnCgi92t.AmYqDQJ
date
Wed, 13 Sep 2023 23:45:31 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
14762
etag
"00ef871b291bc03a497d608a5bd8ec99"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
771
x-amz-cf-id
IuswMVol0_kJ7rD-qIIoQA0p7jNhvGf5cnHDctawR0xNn2MtIXQsNg==
quiz.webp
cdn.turtlediary.com/homepage/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/quiz.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a2e2fb6f3fb55c6e082d8761acce94483842596ef9cbcf2792290ed07e9a314

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 20:48:45 GMT
x-amz-version-id
jmwCsqoG9DpyXenr.ZF_L0Rs5qwTEvyP
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
17984
etag
"a6a5ade3a11194b609ea071259884a8b"
vary
Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
26780
x-amz-cf-id
2vbUrhU9o3A8CfzNfPfFK36cdMQRq9Fghi5CLFVRnHZxMQC8s7S7CQ==
subfooter_bg.png
cdn.turtlediary.com/homepage/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/subfooter_bg.png
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6935aeb7ce0d9da986f062094e9d6fe081cd13f29517c42bd770b72e551895b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
ThAs0cw6JPM6S9gHqq5mQEnGg15y325e
date
Wed, 13 Sep 2023 03:15:41 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
81167
etag
"913025bffe0fe0d37f5f806b56e5d5f4"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7048
x-amz-cf-id
o4ol1Kr3opATZ7XiefD5357IeKRc-3xmsO-cTGFz-gKnaenVtp76dQ==
footer-bottom-bg.png
cdn.turtlediary.com/homepage/ 		655 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/footer-bottom-bg.png
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b325dc4cc400ce5817dd28c5bfaabdce34e9e637f8a25840665055ead80d727

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
TuehOAH4W_cjS0TSfj9zos2jtKfUphRv
date
Wed, 13 Sep 2023 19:38:51 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
22178
etag
"c9964caeadc1ca933a37176af2b43499"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
655
x-amz-cf-id
2scGgDEfeqfzF1rqcBeIRcHajzuWAEX75bAPArq-RDnQ73m4vbMW5g==
footer-top-bg.png
cdn.turtlediary.com/homepage/ 		635 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/footer-top-bg.png
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82b1ac7bac4f54d30e2a421e5bc0a1e9fc338eb18acb299f0edd64462daf9cf7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
Unvhut5h9xss1xciWlM54tT3FW0RAnIt
date
Wed, 13 Sep 2023 23:45:29 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
7386
etag
"c62f2a331e72a9a86218e756c4c4801a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
635
x-amz-cf-id
WIfssjRkoFQyor6mVFY-YB7733Rwxmdz18ATDOdmzQfJik_vlreldA==
g2t.turtle.png
cdn.turtlediary.com/homepage/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/g2t.turtle.png?ver=2
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-81.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e62a00258a2118faad7754b5c5c19174124e4b2ec83a330bd5f9515c19529b94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
bSBAuFau9OErTrpqSFY0Szfra2arlyds
date
Wed, 13 Sep 2023 21:49:19 GMT
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
14762
etag
"389ffe9a68fc5640b5ec54ac4fc3f46c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5013
x-amz-cf-id
UJnexACzOW8pikIYdgX6jeyiCrht4e1McRraFv9RPvuGRSzsMBcATA==
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/turtlediary-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-113.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:49:33 GMT
content-encoding
gzip
via
1.1 0cd8fe15d9bdb168de9cd5f22954d220.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
10736
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
ZjJKaYNFQ6nIk_d0FAzOc8Z7Wtpw3mGr_B8g7Vf4mU3hn9W_S5ADHg==
pubfig.engine.js
a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/ 		461 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/turtlediary-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90575d5c19e002a7c3ea1fdc7c5b9a07061240792561f19da24cf2d97e41619

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
105167
x-guploader-uploadid
ADPycduYO4gf3P34JqXZFExJ9B4AIKZAu9SL1EpYsEZ_OCFq0y-9ZGKu4FBTtv42_Gik2-uSF0DthkQ4KuZubdqdRmzQZ7pgsYRb
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 28 Aug 2023 17:55:19 GMT
server
cloudflare
etag
W/"655a626c4bd3a735665cabe7b7f81661"
vary
Accept-Encoding
x-goog-hash
crc32c=YyR+sA==, md5=ZVpibEvTpzVmXKvnt/gWYQ==
x-goog-generation
1693245319749669
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
472019
cf-ray
8064f7c50db8aae4-SYD
expires
Thu, 14 Sep 2023 02:48:28 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1694656108337&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Edu...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1694656108337&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Ed...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1694656108337&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&c9=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
18.67.111.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-113.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:28 GMT
via
1.1 0cd8fe15d9bdb168de9cd5f22954d220.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P2
x-amz-cf-id
YNvUoqnJjhl7ExmlMQmS1zQWQ0KzDIqJDu6fp6pKv_gHterya5DsOQ==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 14 Sep 2023 01:48:28 GMT
via
1.1 0cd8fe15d9bdb168de9cd5f22954d220.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1694656108337&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&c9=
content-length
0
x-amz-cf-id
Sg_6tufmZfS1cP7eHe6ZpWggiR8vNNXLrVjtRrKfCE9lXai8RbbVLw==
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=www.turtlediary.com&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.turtlediary.com
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 14 Sep 2023 01:48:28 GMT
expires
0
fs-client-rtt
1
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=www.turtlediary.com&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
49004b108bd03b0e301d3a086032488071ff70ac7e1adad8beee1844f3b144dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Thu, 14 Sep 2023 01:48:01 GMT
fs-client-rtt
2
age
27
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1386
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
config.js
cdn.confiant-integrations.net/8TlPs9_ElE3wQ2Gw5lJXkicRVtw/gpt_and_prebid/ 		130 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/8TlPs9_ElE3wQ2Gw5lJXkicRVtw/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af1f43affd0d03a1d843d9d3c9b4ec30086773ffc449132e2f3a54cd71cd5dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Sep 2023 01:36:37 GMT
server
cloudflare
x-amz-request-id
N4J5VVGB2VQKGVN3
age
403
etag
W/"a244371a91068dac8fb12a313e85fe93"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8064f7c77e52a81d-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xHaGdL+yLJcqd4IhoCUtLw79FyhMOSMp480mZban4qet7deDzw54r8aouOo1U9mDTJqXDs+b6bsH72pP2SP3yhl7dyWSKkWlyNSjlrV+LmA=
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
a6fc3340f6c2490e48fbe816430f947c40ccf5c7566d8e2b7fd92e5bf76181df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29190
x-xss-protection
0
server
cafe
etag
294 / 19614 / 31077786 / config-hash: 14807541374439129751
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 01:48:29 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
304 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
104.26.7.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
272fc2579bb523efb6094a51fee8f7aa080c2abcc8a2c5bd69dbc5af042f4d91

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 14 Sep 2023 01:19:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1647
etag
W/"40436261639850cdecf6a4396233f7eb"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B%2BfZ09gQkrNWasS2CpiBs17zzyCIff%2FyufOq%2FuU5e1VicpDNM0vsgONB0nv0GLyYH84g4brjPPIc7l9KvExmnlZ%2FEhK6scUMlDIPFpvJ2tVRvAqDm8VKES%2F9yvYzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
8064f7c99c6ea96d-SYD

Redirect headers

date
Thu, 14 Sep 2023 01:48:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMwEjBPrJ4c60JHKg2jJVhfOntmlUCsCT%2BdksJpd23jeUJsYqIKVxmSZsz0lycvx2R1fFtPgHl0PrXTVkErQmcaB7I2DAH1aKdxRabnYJL4IDGK39XdUNqlg%2B3AO%2Fm4p8bClmpDmKanlUlcXf5OM1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
8064f7c77e8adfab-SYD
expires
Thu, 14 Sep 2023 02:48:28 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.turtlediary.com%2F&ref=&_it=freestar&partner_id=474
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:28 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
880
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8064f7c77c00a968-SYD
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
prebid-analytics-7.48.4.js
a.pub.network/core/ 		596 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.48.4.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
18763
x-guploader-uploadid
ADPycdtmO03yzPvgDp0vPmeb3lu7E-KVwlVub7V_ZZBT-Y422gYq7e9GrsvnE46a5FvrO99d-jA8t3OSAzwpQjH3PbyC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 18 Jul 2023 18:59:55 GMT
server
cloudflare
etag
W/"5243e8ea27fda1bab8578db0b34dba61"
vary
Accept-Encoding
x-goog-generation
1689706795179212
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=hSRCNw==, md5=UkPo6if9obq4V42ws026YQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31517236
x-goog-stored-content-length
610321
cf-ray
8064f7c58e27aae4-SYD
expires
Thu, 12 Sep 2024 20:35:44 GMT
collect
www.google-analytics.com/j/ 		3 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=452010496&t=pageview&_s=1&dl=https%3A%2F%2Fwww.turtlediary.com%2F&ul=en-us&de=UTF-8&dt=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1849380581&gjid=375550917&cid=1672199384.1694656108&tid=UA-31320576-1&_gid=113130241.1694656108&_r=1&_slc=1&z=756399482
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W1C8HMBE0D&gtm=45je39b0&_p=452010496&cid=1672199384.1694656108&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694656108&sct=1&seg=0&dl=https%3A%2F%2Fwww.turtlediary.com%2F&dt=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1C8HMBE0D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
nodejs.turtlediary.com/socket.io/ 		97 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/?EIO=4&transport=polling&t=OgHO1Ya
Requested by
Host: nodejs.turtlediary.com
URL: https://nodejs.turtlediary.com/socket.io/socket.io.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.53.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-53-163.compute-1.amazonaws.com
Software
/
Resource Hash
ad04b953634240561519d9c18287ae82f10b4200ec156808234e7fc64cbe7a82

Request headers

Accept
*/*
Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 14 Sep 2023 01:48:29 GMT
access-control-allow-credentials
true
content-length
97
vary
Origin
content-type
text/plain; charset=UTF-8
hadron.json
id.hadron.ad.gt/v1/ 		110 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.turtlediary.com&url=https://www.turtlediary.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.turtlediary.com%2F&ref=&_it=freestar&partner_id=474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4022cb9ff13180686b7258efb389a65689f6a8b566f5705b3631db660a4e5d49

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
8064f7cabd8baaea-SYD
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.turtlediary.com&url=https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
8064f7c9ac87aaea-SYD
content-length
0
content-type
application/json
date
Thu, 14 Sep 2023 01:48:29 GMT
debug
OPTIONS block
server
cloudflare
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202309120957/ 		261 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202309120957/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/8TlPs9_ElE3wQ2Gw5lJXkicRVtw/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ca051f24c9b771310374d1c018407fe47f58a95ab8f9a0aa5251bbb9f6ad32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 14:29:06 GMT
server
cloudflare
x-amz-request-id
AQHXFBVEERVHZ987
age
119763
etag
W/"703380e26754c63ed040ba5bdfd636e5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8064f7c7be8da81d-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
MinUc/zQO2a0bGNbJgRl5JffT78sC0TlIrSmafO4+OIUaKRF98i0Zsrwc8j2N6h62+qu/YfHNzQ=
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_7396850
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sun, 14 May 2023 09:17:17 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 35e7912b77137b5fd670abbaffd598de.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
10600273
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
eDA4iSTJl4DaqwKQpCLn4zdFmJDXRy91X2hyfOD950RgcXHgeyFzgQ==
html2canvas.js
www.turtlediary.com/js/new/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/js/new/html2canvas.js?v=1.1
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=footertdjs1&v=59.43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
eca003642178c47d53f4b1c5ae15b453eb75bf875f40d4505f790760345dc3d0
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
content-length
15368
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
BCDetvi0CLbdA6RuZzy2rGGTxMV6q1R9MjtdCuUN-bOoWA2jpuh0aw==
expires
Thu, 21 Sep 2023 01:48:29 GMT
jquery.simplePopup.js
www.turtlediary.com/js/new/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/js/new/jquery.simplePopup.js?v=1
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=footertdjs1&v=59.43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-107.syd1.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
42c1f6a66ff3442adb9b6d0a97b9e66bec0c8c7fc5f1c95345c73430dbc35d7c
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
content-encoding
gzip
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
content-length
740
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
tCZUyWAyVRW_WU-qBJg5kXnvymue52Cqas6MkKdvK-WD5ufjrHudhQ==
expires
Thu, 21 Sep 2023 01:48:29 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/ 		408 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
7aefa7a735322bc937d004ffb976c57e6f187d12547bdd5b755251412393c075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 10:37:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
54688
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131712
x-xss-protection
0
server
cafe
etag
7905716078372049509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 12 Sep 2024 10:37:01 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Sep 2023 01:48:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
638937
x-guploader-uploadid
ADPycdsodL1iKpQeKICyIOUQqS4To2nCJrovoa8Um-wFFS9C4Ro605uWANF-pzXhvEV9S_aTJdc7N0StG4LVEfNLrLrSubgVQOol
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AvtJo0qilDLWqfQuTgYDK6Eznp%2BloBJr7gT%2FKWcQih3WA96cjuFQuVHSwvvh5L8cvjcobmGnsVwlam2T6ReYpqrMxyFyQgjjCDPZZSL0R%2BhNsDzwCKk3d28lDfYVK0sYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8064f7cc1b27ab05-SYD
expires
Wed, 06 Sep 2023 16:42:47 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 01:34:01 GMT
px.gif
ad-delivery.net/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9217259831544393
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
638937
x-guploader-uploadid
ADPycdsodL1iKpQeKICyIOUQqS4To2nCJrovoa8Um-wFFS9C4Ro605uWANF-pzXhvEV9S_aTJdc7N0StG4LVEfNLrLrSubgVQOol
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZhIdTRSC0IzK6qMcOTIav%2BJ4OgKVaaG752%2F22Aem3gXo7t4usQsxZCf7oBEt7q6dG4JAkZ676zAvgzBw9hQj2KOqer9macZGkeyna7b7dTnVKIyU4iVN1ZZLQboX2Fgqw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8064f7cc1b2aab05-SYD
expires
Wed, 06 Sep 2023 16:42:47 GMT
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
cache-status
uncacheable
content-length
0
date
Thu, 14 Sep 2023 01:48:29 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
floors
api.floors.dev/sgw/v1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e9d04747af2c344dc6d80edcd75d6cb7a1cf27951a00bc2bd6620a5ea34c5d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:29 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
cache-status
uncacheable
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
/
nodejs.turtlediary.com/socket.io/ 		2 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/?EIO=4&transport=polling&t=OgHO1hu&sid=wrabaR59lFKhfDakF5sM
Requested by
Host: nodejs.turtlediary.com
URL: https://nodejs.turtlediary.com/socket.io/socket.io.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.53.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-53-163.compute-1.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 14 Sep 2023 01:48:29 GMT
access-control-allow-credentials
true
content-length
2
vary
Origin
content-type
text/html
/
nodejs.turtlediary.com/socket.io/ 		32 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/?EIO=4&transport=polling&t=OgHO1hy&sid=wrabaR59lFKhfDakF5sM
Requested by
Host: nodejs.turtlediary.com
URL: https://nodejs.turtlediary.com/socket.io/socket.io.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.53.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-53-163.compute-1.amazonaws.com
Software
/
Resource Hash
d46c8f64c6f76d6fb18d86fd5032acd2027edb8ec7916fa83756d362b96bef7a

Request headers

Accept
*/*
Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 14 Sep 2023 01:48:29 GMT
access-control-allow-credentials
true
content-length
32
vary
Origin
content-type
text/plain; charset=UTF-8
analytics.min.js
a.pub.network/core/analytics/1.1.1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
105169
x-guploader-uploadid
ADPycdvmdy7cYdCw5EaJ2nDML-OcKQO-ssYJwZOHQTlUBVUnjhjpo-UzOaJ1vaO61q0NBMEhAJZ2JS2tKfZPWZ9v6rMNfuC8cpAm
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 21 Mar 2023 16:29:06 GMT
server
cloudflare
etag
W/"9faa51c72267d7040ea861c2a59c266f"
vary
Accept-Encoding
x-goog-hash
crc32c=Yy7HVA==, md5=n6pRxyJn1wQOqGHCpZwmbw==
x-goog-generation
1679416146332026
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
13155
cf-ray
8064f7cbcc99aae4-SYD
expires
Thu, 14 Sep 2023 02:48:29 GMT
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=QrgOxZIu&w=5171088952131584&o=5714937848528896&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.turtlediary.com%2F&sid=TKazzlgV&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Sep 2023 01:48:29 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
/
nodejs.turtlediary.com/socket.io/ 		2 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/?EIO=4&transport=polling&t=OgHO1l4&sid=wrabaR59lFKhfDakF5sM
Requested by
Host: nodejs.turtlediary.com
URL: https://nodejs.turtlediary.com/socket.io/socket.io.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.53.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-53-163.compute-1.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 14 Sep 2023 01:48:29 GMT
access-control-allow-credentials
true
content-length
2
vary
Origin
content-type
text/html
/
nodejs.turtlediary.com/socket.io/ 		1 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/?EIO=4&transport=polling&t=OgHO1l5&sid=wrabaR59lFKhfDakF5sM
Requested by
Host: nodejs.turtlediary.com
URL: https://nodejs.turtlediary.com/socket.io/socket.io.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.53.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-53-163.compute-1.amazonaws.com
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept
*/*
Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 14 Sep 2023 01:48:30 GMT
access-control-allow-credentials
true
content-length
1
vary
Origin
content-type
text/plain; charset=UTF-8
472808c7bb420c1fa7fb9473d2326669c5ca0734a66bf8
fronttoad.com/confirm/2f617131/ 		284 B
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fronttoad.com/confirm/2f617131/472808c7bb420c1fa7fb9473d2326669c5ca0734a66bf8
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/dist/fa1218bde8a6ad2/091934170fd4e1cc42971ab.main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.63.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.63.160.34.bc.googleusercontent.com
Software
/
Resource Hash
3160359428c814be0c907df60d8cf5fc0d211bf9e1708bc0e6a7606d87ef98fc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
x-hostname
fen-hoothoot-asia-east1-spot-0scq
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 14 Sep 2023 01:48:29 GMT
IIQUniversalID.js
a.pub.network/core/intentIQ/20230622/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
105167
x-guploader-uploadid
ADPycdunNmAzSk5ajMjDEdm5UEtHq07Bvj8nPtPuS_XHRHKjbmXryoRLsTWELVfx50fGKSNxl14LMpEJ5EkIvVM2BK3A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 22 Jun 2023 23:15:14 GMT
server
cloudflare
etag
W/"c45a15a8a50c2a275e14695cf631d08d"
vary
Accept-Encoding
x-goog-hash
crc32c=6m2COg==, md5=xFoVqKUMKideFGlc9jHQjQ==
x-goog-generation
1687475714790007
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
56442
cf-ray
8064f7ce0eeeaae4-SYD
expires
Thu, 14 Sep 2023 02:48:29 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		92 B
930 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=6fc69c00-6767-458d-aac5-e9447f440adb&iiqpciddate=1694656109791&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=920_1694656109791&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=www.turtlediary.com&japbjs=true&japs=false
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-81.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
0c0d9eaa19e916706042c05e57dd0a59b959a94e2ea59705d30c63ed292adbb6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
via
1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
j9JGfMCUD7z9O_tSyVelqUF_eNk7uZAFSEy_JAnXole5H79REYdYFw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=575033&iiqidtype=2&iiqpcid=6fc69c00-6767-458d-aac5-e9447f440adb&iiqpciddate=1694656109791&tsr...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=575033&iiqidtype=2&iiqpcid=6fc69c00-6767-458d-aac5-e9447f440adb&iiqpciddate=1694656109791&ts...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=575033&iiqidtype=2&iiqpcid=6fc69c00-6767-458d-aac5-e9447f440adb&iiqpciddate=1694656109791&tsrnd=872_1694656109793&vrref=www.turtlediary.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=KfWH3GGccn&nc=false&trid=1444694933
Protocol
H2
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
nfBm0ObpZAmz0bST6yxeupOnwsy7xswIl8gZV_j2W_PAuHfuU1BEgg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:29 GMT
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=575033&iiqidtype=2&iiqpcid=6fc69c00-6767-458d-aac5-e9447f440adb&iiqpciddate=1694656109791&tsrnd=872_1694656109793&vrref=www.turtlediary.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=KfWH3GGccn&nc=false&trid=1444694933
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
_GULAbBg5X4vBrTUD5PI_CHHKaiOwp5ULUX8iVp_-Njh0-53DccgHQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6145872560198a8b8d96a8783767356ee566ab5f41287c48df9e6fdc228d5f96

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 14 Sep 2023 01:48:30 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
8064f7cfeb46aaea-SYD
content-length
0
content-type
application/json
date
Thu, 14 Sep 2023 01:48:30 GMT
debug
rtd-nx-sv
server
cloudflare
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.turtlediary.com%2F&domain=www.turtlediary.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Sep 2023 01:48:30 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
274987
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
liveView.php
live.primis.tech/live/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=114564&cbuster=1694656110&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
c8317e0c667c3d757c3d64a463940346ef67da96cb8b2dd2269ccaa5cd7f87ae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
4fbhUzeUXCbSRP-CfGKyyh_AocIwsMtTZFkgvI6GueHdRto67GRQ9g==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 21 Sep 2023 01:48:30 GMT
rtd
id.hadron.ad.gt/api/v1/ 		27 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
8064f7d0fcc4aaea-SYD
json
gum.criteo.com/sid/ 		362 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.turtlediary.com%2F&domain=www.turtlediary.com&cw=1&lsw=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
51e3c235fcebabd0af9a5437cd1e19d4b8241f262e6a86653943884b940600f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
503758
expires
0
rid
match.adsrvr.org/track/ 		109 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
459affcb629a474f69a019666578ab4bc82b658550fd42c3f49559b40cdc71d0

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 14 Oct 2023 01:48:30 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 23:22:34 GMT
content-encoding
gzip
age
1909556
x-guploader-uploadid
ADPycduruLX3CkRCvjM4D44BJwbJMdkXirVGl_ZIKT7D8F6JxxeJwBTkUWv34758RtnE9Wk3QelmsLsDnwrBMePD-zM0Cw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 21 Aug 2024 23:22:34 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-111.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 16:57:09 GMT
content-encoding
gzip
via
1.1 fd2442d18add87f1fea3351cec311828.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
31882
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
PJCoVnsQYWJ4O8csPwgibAZx2te0V_VxDw_1fz1thqtRZNM_E0nJlQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
d07573dc2a241e780edea1a873f58362
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 14 Sep 2023 01:48:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
8693
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-bfi-kbfi7400078-BFI
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 09:30:49 GMT
server
cloudflare
x-amz-request-id
Z038X32Z5SQ4B5CG
age
1686
etag
W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8064f7d1ec31558d-SYD
x-amz-id-2
FCaazjRpLlRvDX+vPJQoK3dVJNSmbX7flY54sLGNoUQw92AUjOrU2teiwNPVwimpZHbiy7Y28Tg=
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 01:48:30 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp&cc=1
85 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
238a96f2f9326bcbe2f36f42ff6ad4257169338f3cc8650ef865e3864c68a4a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-+QeaZINwVU8P+xJMPyP9McvKKWs"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.turtlediary.com
location
/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		235 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.250.53 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-250-53.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ac8f8f89c06657fda770c6c28d203f7dfbe53cf471624efe79eb56309d77d5f8

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache
x-server
10.42.9.24
access-control-allow-credentials
true
content-length
235
expires
0
cookie_sync
s2s.t13.io/ 		2 KB
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
4c1c47df19d54a62d50b37f0a24217bff9f19ed6736271695dda2067b90810dd

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
590
expires
0
auction
s2s.t13.io/openrtb2/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
8614d7716650389dda7fb5290faffbc1417c4dc0041f25be95cc5d026cfea041

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.125.0
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4b081453cc5e5c47598d28d440b823956babdccd5f32c1e9769b99a7446c4818

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		0
0
v1
btlr.sharethrough.com/universal/ 		793 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.110.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-110-142.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
f65520c20c71f3e0eaddd42e5ed97814fb1585fffbef10667f17085d4a910fee

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
498
v1
btlr.sharethrough.com/universal/ 		522 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.110.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-110-142.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
04b9870d74f6bea5223495ef7969776b115b80ca40ed50203ad3bb41778353c4

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
345
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d50af2078e05e46a9d1bb0fdf46f79e92d28e5d63d6671c4a544d6689435be91

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
344
alt-svc
clear
expires
Thu, 14 Sep 2023 01:48:30 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LMIIHS1V-P-5LTY
86 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LMIIHS1V-P-5LTY
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:31 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LMIIHS1V-P-5LTY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
increment
id5-sync.com/api/esp/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 14 Sep 2023 01:48:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6145872560198a8b8d96a8783767356ee566ab5f41287c48df9e6fdc228d5f96

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 14 Sep 2023 01:48:30 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
pd
google-bidout-d.openx.net/w/1.0/ Frame 43B8 		484 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
75182b15e3248b4a6b9f3abc5ee394b41168dbc0af4b01a21bb3ad8b9ab5fac8

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
309
content-type
text/html
date
Thu, 14 Sep 2023 01:48:30 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
a229e267c71596f5aee8eb4de3257bd7cbb7cdaad239f7
fronttoad.com/31749376/ 		3 B
73 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fronttoad.com/31749376/a229e267c71596f5aee8eb4de3257bd7cbb7cdaad239f7
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/dist/fa1218bde8a6ad2/091934170fd4e1cc42971ab.main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.63.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.63.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
x-hostname
fen-hoothoot-asia-east1-spot-0scq
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
sd
us-u.openx.net/w/1.0/ Frame 43B8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=07396a53-496d-7a82-ebb2-5f7573181e46&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&ttd_puid=07396a53-496d-7a82-ebb2-5f7573181e46&gdpr=0&gdpr_consent=
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&ttd_puid=07396a53-496d-7a82-ebb2-5f7573181e46&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&ttd_puid=07396a53-496d-7a82-ebb2-5f7573181e46&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 43B8
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZQJmbsCo5tIAAE9FkucAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZQJmbsCo5tIAAE9FkucAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 14 Sep 2023 01:48:30 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.163","key":"ZQJmbsCo5tIAAE9FkucAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad158"}
X-SO-Key
ZQJmbsCo5tIAAE9FkucAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad158
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZQJmbsCo5tIAAE9FkucAAAAA
Cache-Control
private
X-SO-HostName
m-ad158.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40014.dc2p.scaleout.jp
X-SO-IP
66.203.112.163
sd
jp-u.openx.net/w/1.0/ Frame 43B8
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXuG-hSdcGQIks8AD7P3vJTfyM8AAAGKkWAgrQ
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXuG-hSdcGQIks8AD7P3vJTfyM8AAAGKkWAgrQ
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 d0c0855de58a470001e3701ff4871f82.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXuG-hSdcGQIks8AD7P3vJTfyM8AAAGKkWAgrQ
cache-control
no-cache
content-length
0
x-amz-cf-id
JXtGoJAPzulJzu6Tf2OaZrvRewf1hL8H_2qRWX-v72mcYOUIGT458g==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 43B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmI1NmI5OTktODAxYS0yNDI2LWZlNTItMDVjY2I5ZmFkMDI2
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmI1NmI5OTktODAxYS0yNDI2LWZlNTItMDVjY2I5ZmFkMDI2&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmI1NmI5OTktODAxYS0yNDI2LWZlNTItMDVjY2I5ZmFkMDI2&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmI1NmI5OTktODAxYS0yNDI2LWZlNTItMDVjY2I5ZmFkMDI2&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 43B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOydiHD4q6wssFjqOzDgzjE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOydiHD4q6wssFjqOzDgzjE&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOydiHD4q6wssFjqOzDgzjE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ Frame 73E2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=114564&cbuster=1694656110&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1694656110&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1694656110&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
07c2a40c21c0ac4b10a96717691010f162edb9fd941b16c2bd310b5086a11c87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
bEsP61eXl5e4WHqRuwxPmxCjQXhqoRTkSDMmgda_6KYudevC0LBSbQ==
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-15.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:39:17 GMT
content-encoding
gzip
via
1.1 e8e5556eec12cd8fd3590100b82fb80a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
555
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
MLoKqEdlX8VDPlzN5Y9FmJfSa9NmU9phIhLsQ4oDT0fbLgeo3VCmaA==
ads
securepubads.g.doubleclick.net/gampad/ 		286 KB
59 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=529173402229772&correlator=3450902802385289&eid=31077786%2C31077190&output=ldjh&gdfp_req=1&vrg=202309110101&ptt=17&impl=fifs&iu_parts=15184186%3A5358318%2Cturtlediary_rightrail_1%2Cturtlediary_rightrail_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694656110870&lmt=1694627310&adxs=1240%2C1240&adys=32%2C312&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.turtlediary.com%2F&vis=1&psz=400x-1%7C400x-1&msz=400x-1%7C400x-1&fws=516%2C516&ohw=1600%2C1600&ga_vid=1672199384.1694656108&ga_sid=1694656111&ga_hid=452010496&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRj5u4CLqTFIAFICCGQSWgoNY3J3ZGNudHJsLm5ldBJAMjViZTJjN2U2ODZmNGQzZmUwZjE5YWRhNWU5YjE2ZDUzOTM4NjdlNWMyMzI4NzA5NTc5YzVjYjlmZWNjMjk2NRjZv4CLqTFIABIZCgpwdWJjaWQub3JnGOLBgIupMUgAUgIIahIXCghydGJob3VzZRi3voCLqTFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pTVVwV1ZrTjFSSEZTV0ZkNFdrcGxaRVo2T0hSMWR6MDlJbjA9GPe-gIupMUgA&dlt=1694656106956&idt=2198&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D9ab34c2a-ca49-445e-8c7f-f9f73ea5225e%26floors_id%3Dec3bd0%26floors_hour%3D1%26fs_placementName%3Dturtlediary_rightrail_1%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D1b0cd45d-c75f-43ec-aec1-d0df9e4f2800%26floors_id%3Dec3bd0%26floors_hour%3D1%26fs_placementName%3Dturtlediary_rightrail_2%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout&cust_params=fs_session_id%3D6fce717a-746e-4f8d-adad-c2b43e132a6f%26fs_pageview_id%3D8917b79ba9d3f5c62b0c88ba78fb260e%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26fs_used_optimise%3Dtrue%26floors_user%3D0%26floors_rtt%3D2%26fs_clientservermask%3D22033133213321220112%26fs_testgroup%3Doptimised&adks=3587870024%2C1644055147&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
6051116f5e1fb35ae51ec235a9b7f0995fd3de107a2cd788f987154ff976d992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59415
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
9e699231374f8b09fc6dd7d7b81d56f6efdcfe18f2474c9fd727d7ce58e9ce63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11632
x-xss-protection
0
container.html
68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D9C8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 01:48:31 GMT
expires
Fri, 13 Sep 2024 01:48:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=1&d=www.turtlediary.com&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.turtlediary.com
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 14 Sep 2023 01:48:30 GMT
expires
0
fs-client-rtt
6
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=1&d=www.turtlediary.com&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
c35b1d80823a1846d97432b9476c4d721d33a8c542a67e220e39fc282b5ee053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Thu, 14 Sep 2023 01:42:23 GMT
fs-client-rtt
1
age
368
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1385
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 14 Sep 2023 01:48:30 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6145872560198a8b8d96a8783767356ee566ab5f41287c48df9e6fdc228d5f96

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Sep 2023 01:48:31 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
deflate.min.js
live.primis.tech/main/js/ Frame 73E2 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1694656110&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1694656110&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 09:50:11 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"64db4a53-3217"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
KsPWU7rox8-hU3-X53YzXAklZtm4X0YUhEW8z_T7k7nROAlPiqzzAw==
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 73E2 		258 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1694656110&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1694656110&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:31 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:40 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"623b1728-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
NIV5KS9q8-QHiGPvFPfIJRzbdR9h8XAAzUmY2R9VOqp_I9geD00DdQ==
expires
Fri, 13 Sep 2024 01:48:31 GMT
prebidVid.7.16.0_13.min.js
live.primis.tech/content/prebid/ Frame 73E2 		521 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1694656110&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1694656110&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
d6c0ab80059e719ab7d9bfb42c59b36704722a203cccf96d00c928a05d617b72

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 10:48:22 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"64e5e3f6-82574"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
Ov-86TwfDM2uwYpINNqoeVmJk5ZHndUr-XJem0XUFPsUrg6OT7-bSA==
expires
Fri, 13 Sep 2024 01:48:30 GMT
liveVideo.php
live.primis.tech/live/ Frame 73E2 		620 KB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30392D31345F30347D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A55494338675430314A5245787062576C305A5752455A58427362336B674C7941784943386759574E3061585A6C7D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.187+Safari%2F537.36&debugInformation=ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1694656110&csuuid=6502666e9c9d4&debugInfo=17256970_ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1694656110&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1694656110&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
0ec00f82fb3d89a55435495410f56fa72c320a9948ad156f6118e0fe0901d5f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:31 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
KkCnv0IbbiKIXB1yTKrpRYJiQ6tV0ix4zmf0amR9243K_hnfrHlOBg==
syncframe
gum.criteo.com/ Frame 33F6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.turtlediary.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 01:48:31 GMT
server
Kestrel
server-processing-duration-in-ticks
369080
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel;r=1936093854;labels=keywords.free%20educational%20games%2Ckeywords.kids%20educational%20games%2Ckeywords.online%20educational%20games%20for%20kids%2Ckeywords.education%20games%20online%2Ckeyw...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1936093854;labels=keywords.free%20educational%20games%2Ckeywords.kids%20educational%20games%2Ckeywords.online%20educational%20games%20for%20kids%2Ckeywords.education%20games%20online%2Ckeywords.educational%20computer%20games%20for%20kids%2Ckeywords.educational%20games%20for%20kids%20online%2Ckeywords.kids%20educational%20videos%2Ckeywords.interactive%20educational%20games%2Ckeywords.kids%20learning%20games%2Ckeywords.free%20online%20learning%20games%2Ckeywords.free%20kids%20learning%20games%2Ckeywords.gudli%2Ckeywords.cookie%20games%2Ckeywords.cookies%20games;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.turtlediary.com%2F;uht=2;fpan=1;fpa=P0-942128272-1694656110820;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=turtlediary.com;dst=0;et=1694656111245;tzo=-480;ogl=;ses=0d9137cb-5fdf-4ba7-9689-f0ae8012660e;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
eb2.3lift.com/ Frame 11F1
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26...
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
eb182180c8dc9a9f4b4b7f1638584ff9b7bd7de5cb15251a6179b79281241bb7

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1439
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 01:48:31 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 14 Sep 2023 01:48:31 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 01:48:31 GMT
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30392D31345F30347D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A55494338675430314A5245787062576C305A5752455A58427362336B674C7941784943386759574E3061585A6C7D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.187+Safari%2F537.36&debugInformation=ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1694656110&csuuid=6502666e9c9d4&debugInfo=17256970_ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:30 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 10:07:42 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"647db3ee-469b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
-VeMy88qrPsHyRB34xH4lQPMHhPqC8cuzoYlKfsojbGJDvDaw0BU_A==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 73E2 		252 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30392D31345F30347D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A55494338675430314A5245787062576C305A5752455A58427362336B674C7941784943386759574E3061585A6C7D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.187+Safari%2F537.36&debugInformation=ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1694656110&csuuid=6502666e9c9d4&debugInfo=17256970_ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81b49f37a78cff7332e69104bdbe2080c1f3e09c92f976e3647579a56de2cd65

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:26:52 GMT
content-encoding
gzip
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront), 1.1 1c65a9672d4009a4b2d2b0463141bfa6.cloudfront.net (CloudFront)
last-modified
Wed, 13 Sep 2023 20:24:09 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1, SYD1-C1
age
1299
x-amz-server-side-encryption
AES256
etag
W/"e979ec9a5d58fd4b13919c5a10c06dd7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Z_LACNR2ZFFyCfv9zTCn7B9g1feOSPFP2q08b1wOsUi3k_TFfDj_mQ==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 73E2 		80 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&dbsaved=false&iiqidtype=2&iiqpcid=6fc69c00-6767-458d-aac5-e9447f440adb&iiqpciddate=1694656109791&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=449_1694656111549&fbp=1120628899&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fwww.turtlediary.com%2F&ref=www.turtlediary.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30392D31345F30347D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A55494338675430314A5245787062576C305A5752455A58427362336B674C7941784943386759574E3061585A6C7D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.187+Safari%2F537.36&debugInformation=ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1694656110&csuuid=6502666e9c9d4&debugInfo=17256970_ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-81.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
108e7c09a9d190083c217592e2059a6278e7f23d92f2190be2daa0b9c80440a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:31 GMT
via
1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
sFUaZXeARL5nroZzeL-xj5VjNeC-g85Zx2qdIEPxPrVvubIhBtZ0Hg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2 		43 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=1831&dbsaved=false&iiqidtype=2&iiqpcid=6fc69c00-6767-458d-aac5-e9447f440adb&iiqpciddate=1694656109791&tsrnd=701_1694656111550&fbp=1120628899&vrref=https%3A%2F%2Fwww.turtlediary.com%2F&jsver=5.09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:31 GMT
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
TOIlIcBZbI_NRoYBjY5ZLoAjPF1vYNxMexTE20Lkr81ryNyGpijVog==
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B1BF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202309120957/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 01:48:31 GMT
expires
Fri, 13 Sep 2024 01:48:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:31 GMT
content-encoding
gzip
cf-cache-status
HIT
age
725
x-guploader-uploadid
ADPycduCKtYI4ynjTvg6efxs5umCoVlFO_QAkG9Bc8oNrv-wcrUE9_1XN6RVynSBJwn6omj9x_GePM0lzs6-ML0WZQE62FfWDm52
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
vary
Accept-Encoding
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
x-goog-generation
1599584677716817
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
8064f7d98aa7aae4-SYD
expires
Thu, 14 Sep 2023 02:48:31 GMT
container.html
68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 82EC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202309120957/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 01:48:31 GMT
expires
Fri, 13 Sep 2024 01:48:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 73E2 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
date
Wed, 13 Sep 2023 21:02:11 GMT
x-amz-cf-pop
SYD1-C1
age
24566
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
2bYAWzmfae83tryeLrcHXugh4zEos0WXJE4wI1svGQwdPrUkGwxM4g==
xuid
eb2.3lift.com/ Frame 11F1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 11F1
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUwNDk5NjMyOTAyMzc1OTg3Nzc3Mw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 11F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELMrMuDBgwepubREVI32Wv8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELMrMuDBgwepubREVI32Wv8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELMrMuDBgwepubREVI32Wv8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 11F1
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUwNDk5NjMyOTAyMzc1OTg3Nzc3Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUwNDk5NjMyOTAyMzc1OTg3Nzc3Mw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUwNDk5NjMyOTAyMzc1OTg3Nzc3Mw%3D%3D
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 11F1 		0
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4504996329023759877773&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 546EEFED9F9643FE97BB9EC3C7993C0E Ref B: SYD03EDGE2111 Ref C: 2023-09-14T01:48:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-source-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFR9+Y5EbfZHBKjKSjHw==
xuid
eb2.3lift.com/ Frame 11F1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4504996329023759877773?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-EtxoY25E2oQ7NFWgMcko_eAiPCD3JnyrWJL6WcB6Fw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-EtxoY25E2oQ7NFWgMcko_eAiPCD3JnyrWJL6WcB6Fw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 14 Sep 2023 01:48:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-EtxoY25E2oQ7NFWgMcko_eAiPCD3JnyrWJL6WcB6Fw--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame 11F1 		42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4504996329023759877773&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
last-modified
Wed, 30 Aug 2023 15:12:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5E06AA4E176C429C8891F0DB34BF5BED Ref B: SYD03EDGE1921 Ref C: 2023-09-14T01:48:32Z
etag
"4b119d5f54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
sync
x.bidswitch.net/ Frame 11F1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4504996329023759877773&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4504996329023759877773&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0bc62ef8-a900-415e-a8df-5e231d2f7482&ssp=triplelift
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0bc62ef8-a900-415e-a8df-5e231d2f7482&ssp=triplelift
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0bc62ef8-a900-415e-a8df-5e231d2f7482&ssp=triplelift
date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame 11F1
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=5ad7e647-26b3-46c1-a65b-3b39a5531475&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=5ad7e647-26b3-46c1-a65b-3b39a5531475&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:31 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=5ad7e647-26b3-46c1-a65b-3b39a5531475&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1312756
content-length
0
expires
Thu, 14 Sep 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 11F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4379871299077307740&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4379871299077307740&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
an-x-request-uuid
8b0817b3-7136-4637-89ec-dfee870438b0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=4379871299077307740&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
s2s.t13.io/ Frame 11F1 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=4504996329023759877773
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
css
fonts.googleapis.com/ Frame B1BF 		2 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:01:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Sep 2023 01:48:31 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame B1BF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/ Frame B1BF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/abg_lite_fy2021.js
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame B1BF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/window_focus_fy2021.js
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 408A 		1 KB
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
3469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 00:50:43 GMT
etag
48472445140208031
expires
Fri, 15 Sep 2023 00:50:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame B1BF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
l
www.google.com/ads/measurement/ Frame B1BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFnXj0rqrYWxHyoQoeoclKb9r0cjeYirAsFjduut-SigOa2Cfi71caUyEvpH8fK9e02yhLTftZ-6XXbkcsFJaMTOSxlQ
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B1BF 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 01:48:32 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame B1BF 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Dec 2023 19:02:32 GMT
pixel
protected-by.clarium.io/ Frame B1BF 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_OFRsUHM5X0VsRTN3UTJHdzVsSlhraWNSVnR3LzIyNDY0NjA2NDE6MzAweDI1MA==&v=5&s=v31ha8m097e&id=eyJkZnAiOnsiYWQiOjQzMjQyNzg2LCJjIjpudWxsLCJsIjowLCJvIjoyMjQ2NDYwNjQxLCJBIjoiLzE1MTg0MTg2LDUzNTgzMTgvdHVydGxlZGlhcnlfcmlnaHRyYWlsXzEiLCJ5Ijo5NDgwOCwiY28iOjAsInMiOiJ0dXJ0bGVkaWFyeV9yaWdodHJhaWxfMSJ9fQ%3D%3D&cb=7408256&h=www.turtlediary.com&d=eyJ3aCI6Ik9GUnNVSE01WDBWc1JUTjNVVEpIZHpWc1NsaHJhV05TVm5SM0x6SXlORFkwTmpBMk5ERTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMjQ2NDYwNjQxLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.127.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-127-146.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B1BF 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTqdFsDC7pNQVUeqQPr1DiKhVP7JBFP7DuoTK48TmmU9yL_5aeRpaiwGNgS5g&usqp=CAI
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
sffe /
Resource Hash
6bec516b9c50ed4b3818f8646e8bbf8650fe630c93acd1fc0309adc763ba7b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:33:33 GMT
x-content-type-options
nosniff
age
555299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37196
x-xss-protection
0
last-modified
Sun, 24 Sep 2023 04:24:17 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 06 Sep 2024 15:33:33 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B1BF 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSrGoFhxpK_1FXuvmK6B7umY1mtw_lu3eprHcKQzIW-Hp4mASXVw6PxztcGBLU&usqp=CAI
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
9fe07595dfd1a91fafb82a3bfd925e6e11b58ed7f3c9c31e8309a2ad2cb78ae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:15:22 GMT
x-content-type-options
nosniff
age
70390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22168
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 06:37:49 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Sep 2024 06:15:22 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame B1BF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRAEsG5mC5LDaRyRLV1cN-oUYPLq5Nvqk1flDTzv46gpZPnCatz0k5m-RCfX3w&usqp=CAI
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
sffe /
Resource Hash
2c2c3ae737c0235ab828a5a4789a6fa5f9bd10ce23cc4a367835c3ee64d27964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 20:02:19 GMT
x-content-type-options
nosniff
age
20773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8892
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 05:27:46 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Sep 2024 20:02:19 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B1BF 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTaI1znNbeV4KqthSUzBr4RCwAsGpDAXLNy1pLnWJXzM3LgJK91xF_c38Pnuc4&usqp=CAI
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
1dbc5532d0ce7fc49b6dcec4f680d320409e517808057cd2929708ef6d828a4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 18:09:11 GMT
x-content-type-options
nosniff
age
27561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38081
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 10:31:16 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Sep 2024 18:09:11 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B1BF 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR4K3sG0lyp-RAXwF6CGhMiKMU_RKMjW4ZQqih7BPlcz7BGCfaaoHUXykMNAw&usqp=CAI
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
sffe /
Resource Hash
d0e55d571fce34dc1c0b24e1b31ef195aa462f05a3e5e1248d65816670b93e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 23:44:32 GMT
x-content-type-options
nosniff
age
93840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29565
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 03:33:54 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 11 Sep 2024 23:44:32 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B1BF 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRbWZ9HEQsciqOJgUD9Do6410K676Ck3noVUXGAZsUqmMQ7CUSBKfMS15fqNg&usqp=CAI
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
sffe /
Resource Hash
8253b841bc844880d8b7fc6b97239533f417825647b32407c6ca981c76209281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 08:09:18 GMT
x-content-type-options
nosniff
age
63554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16137
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 10:39:11 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Sep 2024 08:09:18 GMT
13807221044435258780
tpc.googlesyndication.com/simgad/ Frame B1BF
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13807221044435258780
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 02:13:22 GMT
x-content-type-options
nosniff
age
603310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:21:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Sep 2024 02:13:22 GMT

Redirect headers

date
Wed, 13 Sep 2023 05:01:34 GMT
x-content-type-options
nosniff
server
cafe
age
74817
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/13807221044435258780
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 13 Oct 2023 05:01:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F8E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
89873
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 00:50:38 GMT
expires
Thu, 12 Sep 2024 00:50:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FD53 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
GSE /
Resource Hash
4bc37a93169100d33ae5f49c8735dc378e4d806fefccdce5a28bf4bbb8d39271
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9KSxAQZMi-4VczJYMEm8ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-9KSxAQZMi-4VczJYMEm8ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 01:48:32 GMT
expires
Thu, 14 Sep 2023 01:48:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ Frame 82EC 		2 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:57:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Sep 2023 01:48:32 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 82EC 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/ Frame 82EC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/abg_lite_fy2021.js
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 82EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/window_focus_fy2021.js
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6D52 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
3469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 00:50:43 GMT
etag
48472445140208031
expires
Fri, 15 Sep 2023 00:50:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 82EC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
l
www.google.com/ads/measurement/ Frame 82EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaIpbbQAdZs-HFFUJJAakoLx4-z-zHI6gonfJ3mPmJ6ZNEOSz16uZuH2JHakps3M9Vrrfpy8EOWdmLir6wF-dx2C5LXA
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 82EC 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 01:48:32 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame 82EC 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Dec 2023 19:02:32 GMT
pixel
protected-by.clarium.io/ Frame 82EC 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_OFRsUHM5X0VsRTN3UTJHdzVsSlhraWNSVnR3LzIyNDY0NjA2NDE6MzAweDI1MA==&v=5&s=v31ha8m09bo&id=eyJkZnAiOnsiYWQiOjQzMjQyNzg2LCJjIjpudWxsLCJsIjowLCJvIjoyMjQ2NDYwNjQxLCJBIjoiLzE1MTg0MTg2LDUzNTgzMTgvdHVydGxlZGlhcnlfcmlnaHRyYWlsXzIiLCJ5Ijo5NDgwOCwiY28iOjAsInMiOiJ0dXJ0bGVkaWFyeV9yaWdodHJhaWxfMiJ9fQ%3D%3D&cb=8300359&h=www.turtlediary.com&d=eyJ3aCI6Ik9GUnNVSE01WDBWc1JUTjNVVEpIZHpWc1NsaHJhV05TVm5SM0x6SXlORFkwTmpBMk5ERTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMjQ2NDYwNjQxLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.127.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-127-146.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 82EC 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRfjU8SsLgCUjifmYBZp7DBBY49X4W3SUp6LYeBsk-JcF6wAnTmo7VUnBP3GUc&usqp=CAI
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
sffe /
Resource Hash
910e2469719b5d877c634a3d565923cf0570c74884545a4bd0fe9638dc9fe6e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 03:18:16 GMT
x-content-type-options
nosniff
age
513016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23986
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 14:35:12 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 07 Sep 2024 03:18:16 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 82EC 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSrGoFhxpK_1FXuvmK6B7umY1mtw_lu3eprHcKQzIW-Hp4mASXVw6PxztcGBLU&usqp=CAI
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
9fe07595dfd1a91fafb82a3bfd925e6e11b58ed7f3c9c31e8309a2ad2cb78ae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 06:15:22 GMT
x-content-type-options
nosniff
age
70390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22168
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 06:37:49 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Sep 2024 06:15:22 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 82EC 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRAEsG5mC5LDaRyRLV1cN-oUYPLq5Nvqk1flDTzv46gpZPnCatz0k5m-RCfX3w&usqp=CAI
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
sffe /
Resource Hash
2c2c3ae737c0235ab828a5a4789a6fa5f9bd10ce23cc4a367835c3ee64d27964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 20:02:19 GMT
x-content-type-options
nosniff
age
20773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8892
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 05:27:46 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Sep 2024 20:02:19 GMT
13807221044435258780
tpc.googlesyndication.com/simgad/ Frame 82EC
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13807221044435258780
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 02:13:22 GMT
x-content-type-options
nosniff
age
603310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:21:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Sep 2024 02:13:22 GMT

Redirect headers

date
Wed, 13 Sep 2023 05:01:34 GMT
x-content-type-options
nosniff
server
cafe
age
74818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/13807221044435258780
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 13 Oct 2023 05:01:34 GMT
css
fonts.googleapis.com/ 		2 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30392D31345F30347D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A55494338675430314A5245787062576C305A5752455A58427362336B674C7941784943386759574E3061585A6C7D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.187+Safari%2F537.36&debugInformation=ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1694656110&csuuid=6502666e9c9d4&debugInfo=17256970_ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:58:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Sep 2023 01:48:32 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA86 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30392D31345F30347D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A55494338675430314A5245787062576C305A5752455A58427362336B674C7941784943386759574E3061585A6C7D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.187+Safari%2F537.36&debugInformation=ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1694656110&csuuid=6502666e9c9d4&debugInfo=17256970_ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=114899
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 14 Sep 2023 01:48:32 GMT
expires
Fri, 15 Sep 2023 09:43:31 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FBDD
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26adv...
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=f09c8ce3-052b-4271-afd7-c9569f505d53
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=f09c8ce3-052b-4271-afd7-c9569f505d53
43 B
878 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=f09c8ce3-052b-4271-afd7-c9569f505d53
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30392D31345F30347D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A55494338675430314A5245787062576C305A5752455A58427362336B674C7941784943386759574E3061585A6C7D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.187+Safari%2F537.36&debugInformation=ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1694656110&csuuid=6502666e9c9d4&debugInfo=17256970_ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 14 Sep 2023 01:48:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
x-amz-cf-id
Nkecb10YErrvB4tk1JccruYbPZPgfcLELZnuOOR0NzWEUs8HDPCSgA==
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront

Redirect headers

age
0
cache-control
no-store
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 01:48:31 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=f09c8ce3-052b-4271-afd7-c9569f505d53
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
x-amz-cf-id
6fvwLukLrgwZu6QQ042FcDc-dMlzoMLVihXoqbVWBUvyvMBcRYtknQ==
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
liveView.php
live.primis.tech/live/ Frame 73E2 		65 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwIyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ0ODUyMxZ2nWRyomE1MTY1NDY5MmYyMxZ2nWQ1ZGIkYzYlMDNxODp0MwMlMwA1MmU4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxy5TDNnpFcHVaZMM1Z6WyuKrxjlTaZvoycfY25SoFcDOHyORFE0TyM5MzFXUzkvrxUkTVRZMU5EWTVNryy2ZG1fn05XUzyNV0cgTWcBrycEZmNOREy6TWcJq05UTTFPQmV0Y0RRnUkBo2qJQ0FaSW01nVccSTZJREUlT1RRMU5USTBNREFmQ2yBZ0yDQWynWGu3SWciZ01UWTVORGMjT0RNq01BpDxhqEElp1qXOG9iZwEmoUZQpTFyn2VuqyMgn2ZLSFq6WEjloUR2VWuXNDRfOCZ2nWRsY29hqGVhqF9cZD01NTQ0OTtzqzyxX2NioaRyoaRsZGVmYm0lMCgxnXxeYzFlYzyyK21cozyuqHVlZSgjqXJmZSUlQlgbYW5xYzFaJTJDK2JuZlZ2nWRsY29hqGVhqF90nXRfZT0lMCgxnXxeYzFlYzyyK21cozyuqHVlZSgjqXJmZSUlQlgbYW5xYzFaJTJDK2JuZlZ2nWRsY29hqGVhqF9xqXJuqGyiow02ODUzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249QUJUKlUlRvgPTUyETGygnXRyZERypGkirSfyMxYeMSfyMxYeYWN0nXZyJaBfYXyfnXN0SWQ9MTMjNwIzrD00MDAzrT0lMwUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaR1paRfZWRcYXJ5LzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM5MxQmMTM0NUYmMDM0N0Q3QwpmMmEmNmMlMmUmNwM5MmpmMDqEN0I0MmM3Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwMkNwM2RTUlNmM1QTU3NTI3MDU5NTt0QTM1NEM2RDRFNmY2MwUkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwM3MmI3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp1NDMjMmE0QTUlNDU3ODpjNwI1NmZDMmA1QTU3NTI0NTVBNTt0MwpmNwImMmZCNwp0Qmp5NDE3ODQ5NDMmODY3NTx1NmRFMmA2MTU4NUE2QmqEN0I0QmM3MmpmNDM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql50qXJ0oGVxnWFlrS5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPS0mMlZaZW9Mo25aPTE0NvZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTYmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMTYhMC41ODQ1LwE4NlgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxMkNTY0JTJDMSZjoGF5ZXJBpGyJZD1zpzVyp3RupyBlnW1cp1BfYXyypvZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTAlNwY2ZTywOWQ0JzNvqXN0ZXI9MTY5NDY1NwEkMwAmNt==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30392D31345F30347D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A55494338675430314A5245787062576C305A5752455A58427362336B674C7941784943386759574E3061585A6C7D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.187+Safari%2F537.36&debugInformation=ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1694656110&csuuid=6502666e9c9d4&debugInfo=17256970_ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
68614335ed3e1bf3910d0f09f17913d6843fc32c16997ca4afc9e5ccf943e732

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:31 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.turtlediary.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
8288
x-amz-cf-id
efzLS6aQHFiKZ0hb3ig7LQN3h97wcaDwbXKYYmsxdEkGdGbbvt4MaA==
chunklist_480.m3u8
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		4 KB
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
7a91097461d32cfdd134c7c3c7aa383a8829cca521b7512313c71f88878f5df9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:15:40 GMT
via
1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront), 1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
EWR53-C1, SFO5-P1
age
5628
x-cache
Hit from cloudfront
last-modified
Wed, 18 Aug 2021 02:54:36 GMT
server
nginx
etag
W/"3a22383fa4b0ca37c72e21292f9548d9"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
x-amz-cf-id
xUSD-POvYBAUDvLOw3fPo8g3WKFEG7nOOLLs4so5mF71t_AlP9uWFw==
expires
Fri, 15 Sep 2023 00:14:44 GMT
liveView.php
live.primis.tech/live/ 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY5NDY1NwEkMSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE0NTY0JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPXq3ql50qXJ0oGVxnWFlrS5wo20zp3VvSWQ9q3q3LaR1paRfZWRcYXJ5LzNioSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCUlMCUlRvUlME9NSURMnW1cqGVxRGVjoG95JTIjJTJGJTIjMSUlMCUlRvUlMGFwqGy2ZSZcp0FjpD0jJaNxn3Y9JaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmMlRDMjMmxlRDMkMmQ1RwMjMmQ3RDqCNmMmMTM3MmImNTM2MmxmNmMjN0Q3QwQmMmpmNmqEN0I1MmY0MmM2NDMmNEM2RTUlMmE2MmZFNTI3MmVBNTp1MwpjNTx1ODRBMmU0QmZENEU3NwYlNTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwplNTE1NTRBNTU0OTQmMmt2NmU0MmAmMTRBNTI0NTp4NmA2MwU3NxMmMDVBNTp1MwQ1NUE1ODQlNmM2MwMmNxI2NmRDNmx0MTp4NDx0MmM4Nwp1OTU3NEUmMDYkNTt1QTZDN0Q3QwRDMmpmNmM0Mmt3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTE2LwAhNTt0NS4kODpyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY1MDI2NwZyOWM5ZDQzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY5NDY1NwEkMwAlNCZ1nWQ9U2VenW5xo1NQoGF5ZXI2NTAlNwY2ZwM4Nwt1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50qXJ0oGVxnWFlrS5wo20yMxYzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1cnXEzpHucZD0mNmA1NDMkNDM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
D41ifjn2CQvFaXRrDmI3zhRvmQ9DGifua62vnWz5Y9GHlt5MO1k6ew==
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame 73E2 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.27975.space.114564,adsize.400x272
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
x.bidswitch.net/ Frame 73E2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=bdc66407-e883-4535-97dc-d865405e8882&google_hm=YmRjNjY0MDctZTg4My00NTM1LTk3ZGMtZDg2NTQwNWU4ODgy
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAfb7yxfX6TX1E1J-M867YA&google_cver=1&ssp=sekindo&bsw_param=bdc66407-e883-4535-97dc-d865405e8882
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAfb7yxfX6TX1E1J-M867YA&google_cver=1&ssp=sekindo&bsw_param=bdc66407-e883-4535-97dc-d865405e8882
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAfb7yxfX6TX1E1J-M867YA&google_cver=1&ssp=sekindo&bsw_param=bdc66407-e883-4535-97dc-d865405e8882
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=81c2e6a4-6474-4c10-b9f7-e669dfb399c8&gdpr_consent=null&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=81c2e6a4-6474-4c10-b9f7-e669dfb399c8
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=81c2e6a4-6474-4c10-b9f7-e669dfb399c8
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
djKgUgd7uozFx0WhMUsaLFprwmSQgvuBW1RzfOcc-vGZ5wK2V0oySA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=81c2e6a4-6474-4c10-b9f7-e669dfb399c8
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
wiQcQq8T9FNny8yryoKfvokRH3T3buJj8AGH0w5RhaPrixbQHHjqAA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
AZOyx0LosPGoPB97GZ0xNTS5G18Kp2_NjPHQ69ijsJod1ZpwARpzIw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
54KJ6zpb3Ictrz8_LFxt6Px15Ybbo-KT5W7-IUrI4Al5JK04ehSxsw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=4504996329023759877773
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4504996329023759877773
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4504996329023759877773
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
PuY0UW1Fy6fa-xqvsjtcJ2KuJ9cTw4zTSPxuY4lqalbEz5kUCgq8zA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4504996329023759877773
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
zX3CIWkC7ZH778I3woDW_1-7Xd4vnptZ8Tz78BvlLTY0oqkJ_soLMg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LMIIHS1V-P-5LTY&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LMIIHS1V-P-5LTY
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LMIIHS1V-P-5LTY
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
zyLeIsTA0z-jP8GYZqArAQW3o-avJv0MTlMJx-q4piE2JgouJa1_6g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:31 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LMIIHS1V-P-5LTY
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
iM8GZe7bLkGIRdo8EmXV8emJX3sdQhlpdo5_gslr-vOD8o3wy6zDSA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-O5FAI0BE2uLq7H4ommnYZ6Hr1nV2KSoG~A
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-O5FAI0BE2uLq7H4ommnYZ6Hr1nV2KSoG~A
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-O5FAI0BE2uLq7H4ommnYZ6Hr1nV2KSoG~A
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
9K3tJndvM4AJean5QFxrZqKI99ZZr3w1n_xums0gKjJSTxs34x6MqQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:31 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-O5FAI0BE2uLq7H4ommnYZ6Hr1nV2KSoG~A
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
pwW-Edelw0EpMW-qM9zU_esE7IkbmYJEcS6Wbam5piRreDqDy92ZsQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=a8b0d85a9b1d48b49f2468953e3b288a
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=a8b0d85a9b1d48b49f2468953e3b288a
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=a8b0d85a9b1d48b49f2468953e3b288a
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
ur9ATXb5y60Z08Q9zzWHtRj1_WnWxQXR2-lJqXtsgQ_LTBwTz5ibkQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=a8b0d85a9b1d48b49f2468953e3b288a
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
3CH5ERC8XKbhcKmoEPvy3IZz2RBI0Ul0kB415H9dx1LuEmpYIBalGg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=6502666e9c9d4&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3376577122889928000V10
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3376577122889928000V10
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3376577122889928000V10
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
59-Qc1Tc8nvRC3FUUTPHd_QUP5hpnTs0N7OaWo5IvCbYs7nT2BY3_w==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3376577122889928000V10
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
WwrVfLnxdeIXDtt0T_YOUt-K3LvMOaervHAhN74globHOXX490NJ3Q==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=HUTsBLZHuXYnUuN8S9Kij-V2
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=HUTsBLZHuXYnUuN8S9Kij-V2
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=HUTsBLZHuXYnUuN8S9Kij-V2
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
POwqK7Y77UAjHcpPFuvEfLIGkXKsTLKisEB3T3N0gHix0ufT1cEVuA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=HUTsBLZHuXYnUuN8S9Kij-V2
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
2kL_iTFNBOhCTjqyu-mEkxHVk9twAVoUn-wRMzzn1812gTBN9bZWlw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=955bc8a079b783cf6a797de4fe918d9&gdpr_consent=&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=955bc8a079b783cf6a797de4fe918d9
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=955bc8a079b783cf6a797de4fe918d9
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
mFbwse_zSXIp6PMhn0rEtLXStI5Ac_0fgppDRrB9bwAXnl2kHkirXw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=955bc8a079b783cf6a797de4fe918d9
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
7MIgUGsPcnLcSWjnuEaTjYWN71cVJfMV6b3ZIZARLrgA2_qjgaAb3A==
sync
x.bidswitch.net/ Frame 73E2
Redirect Chain
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=be774091-b410-4eaa-80eb-9bdfc43634f3
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=be774091-b410-4eaa-80eb-9bdfc43634f3
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D793790479%26rnd%3D334439161&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=793790479&rnd=334439161&pcid=4379871299077307740
  • https://x.bidswitch.net/sync?ssp=sekindo&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1267919208%26mi%3D10%26csh%3D793790479%3B1709765917%26rnd%3D16...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1267919208%26mi%3D10%26csh%3D793790479%3B1709765917%26rnd%3D1625302154%26pcid%3D
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:35 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
location
https://x.bidswitch.net/sync?ssp=sekindo&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1267919208%26mi%3D10%26csh%3D793790479%3B1709765917%26rnd%3D1625302154%26pcid%3D
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
OltMo9ydvI32dyUCDxKuXvcD-OQbsAx5FcgJawr-YWSTdT4y9ER9fg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=6079336950252530809
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=6079336950252530809
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=6079336950252530809
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
s4WqOrW8tsvl0ieekUQTZTx8mR5T0XtTTy9oddQaW8stzQygSbNM7Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=6079336950252530809
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
h1A_3KyhDYLjDxRrhILFjCPRZL02Wf6cgQMxcs-Zayotv3tghTp-oQ==
cookie
cm.adform.net/ Frame 73E2 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:29 GMT
server
nginx
content-length
43
content-type
image/gif
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 73E2
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=d92a179a-512b-4bde-a7d3-e5517625d63a&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=d92a179a-512b-4bde-a7d3-e5517625d63a
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=d92a179a-512b-4bde-a7d3-e5517625d63a
Protocol
H3
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
m4BvMPXYdwqAmXRC0rpELTAfKHeoZCmoS3ZY2oY0vXZdwMZGrHddkw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=d92a179a-512b-4bde-a7d3-e5517625d63a
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
4EEXGToKtfSrRNqk5JVpDEzEZTXklmCJGGBfs1cMES2cslRExIt4eg==
cksync.php
contextual.media.net/ Frame 73E2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1694656113350
  • https://ad.turn.com/r/cs?pid=45&rndcb=2588870053
  • https://sync.1rx.io/usersync/turn/6998026306101315327?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
53 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:35 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
date
Thu, 14 Sep 2023 01:48:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX733db2ff97184cc697dfa1f9e154259a004
content-type
text/html
vid5db1bf203d874232205358.jpg
video.primis.tech/uploads/cn22/video/users/converted/24485/video1516546936/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn22/video/users/converted/24485/video1516546936/vid5db1bf203d874232205358.jpg?cbuster=1591260738
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
c67be7da68ad9c66ef9f08c0e0f9085a121de194128e09e44cf8f3f0a652749f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:15:32 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront), 1.1 f85d379725bf31eb2428acfa2b9da6e6.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, SFO5-P1
age
5628
x-cache
Hit from cloudfront
content-length
29396
last-modified
Tue, 17 Aug 2021 18:00:01 GMT
server
nginx
etag
"131330ca3a8fbf55c254eebd522809e0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
fNFFmrjrGvVoB-WppfFneFscFn_jSzH1dAysx44WAqgX8ssc1cB5Lw==
expires
Fri, 15 Sep 2023 00:14:44 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 14 Sep 2023 01:48:32 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6145872560198a8b8d96a8783767356ee566ab5f41287c48df9e6fdc228d5f96

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
liveView.php
live.primis.tech/live/ Frame 73E2 		74 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwIyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ0ODUyMxZ2nWRyomE1MTY1NDY5MmYyMxZ2nWQ1ZGIkYzYlMDNxODp0MwMlMwA1MmU4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxy5TDNnpFcHVaZMM1Z6WyuKrxjlTaZvoycfY25SoFcDOHyORFE0TyM5MzFXUzkvrxUkTVRZMU5EWTVNryy2ZG1fn05XUzyNV0cgTWcBrycEZmNOREy6TWcJq05UTTFPQmV0Y0RRnUkBo2qJQ0FaSW01nVccSTZJREUlT1RRMU5USTBNREFmQ2yBZ0yDQWynWGu3SWciZ01UWTVORGMjT0RNq01BpDxhqEElp1qXOG9iZwEmoUZQpTFyn2VuqyMgn2ZLSFq6WEjloUR2VWuXNDRfOCZ2nWRsY29hqGVhqF9cZD01NTQ0OTtzqzyxX2NioaRyoaRsZGVmYm0lMCgxnXxeYzFlYzyyK21cozyuqHVlZSgjqXJmZSUlQlgbYW5xYzFaJTJDK2JuZlZ2nWRsY29hqGVhqF90nXRfZT0lMCgxnXxeYzFlYzyyK21cozyuqHVlZSgjqXJmZSUlQlgbYW5xYzFaJTJDK2JuZlZ2nWRsY29hqGVhqF9xqXJuqGyiow02ODUzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249QUJUKlUlRvgPTUyETGygnXRyZERypGkirSfyMxYeMSfyMxYeYWN0nXZyJaBfYXyfnXN0SWQ9MTMjNwIzrD00MDAzrT0lMwUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaR1paRfZWRcYXJ5LzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMDM5MxQmMTM0NUYmMDM0N0Q3QwpmMmEmNmMlMmUmNwM5MmpmMDqEN0I0MmM3Mmp3RDqCNTM2NDMmNwQmMmRDNxU1MwMkNwM2RTUlNmM1QTU3NTI3MDU5NTt0QTM1NEM2RDRFNmY2MwUkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwM3MmI3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp1NDMjMmE0QTUlNDU3ODpjNwI1NmZDMmA1QTU3NTI0NTVBNTt0MwpmNwImMmZCNwp0Qmp5NDE3ODQ5NDMmODY3NTx1NmRFMmA2MTU4NUE2QmqEN0I0QmM3MmpmNDM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql50qXJ0oGVxnWFlrS5wo20yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPS0mMlZaZW9Mo25aPTE0NvZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTYmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMTYhMC41ODQ1LwE4NlgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxMkNTY0JTJDMSZjoGF5ZXJBpGyJZD1zpzVyp3RupyBlnW1cp1BfYXyypvZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTAlNwY2ZTywOWQ0JzNvqXN0ZXI9MTY5NDY1NwEkMwA2Nj==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30392D31345F30347D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A55494338675430314A5245787062576C305A5752455A58427362336B674C7941784943386759574E3061585A6C7D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.187+Safari%2F537.36&debugInformation=ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1694656110&csuuid=6502666e9c9d4&debugInfo=17256970_ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
3a954b3dce1d563d10ef0f4cad8c524fce61408ad19b91ef032a06ca578f2f38

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.turtlediary.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
9167
x-amz-cf-id
FXIU6nc3xBWvpwNYUCUCX3bI1VKJGL_wL6vmgWZnukYo-yOetNISGQ==
json
gum.criteo.com/sid/ Frame 33F6 		446 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=turtlediary.com&sn=ChromeSyncframe&so=0&topUrl=www.turtlediary.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.turtlediary.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
7e9345415dd966c499781f45ed9b8c168c8c1741ff90315a38f2bad8872c7757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.turtlediary.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2124208
expires
0
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 1F8E 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 03:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
597671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 03:47:21 GMT
truncated
/ Frame B1BF 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5070a11b8cbb773a59de3f158f5e12870b5ed340df267de9ad7d2c8553005ce1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 82EC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9549464c81c62539461fbc361c424381943ea981d34d27c829eafcdf67619c42

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.turtlediary.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 20:53:26 GMT
x-content-type-options
nosniff
age
536106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Sep 2024 20:53:26 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 73E2 		67 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=33595169&componentId=prebid&componentSubId=mustang&timestamp=1694656112308&_fw_bidfloor=1.4&_fw_bidfloorcur=USD&pKey=1923252669&schain=1.0%2C1!freestar.com%2C1564%2C1%2C%2C%2C!primis.tech%2C27975%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.turtlediary.com%2F&playerSize=400x225
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.38.48 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-38-48.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:32 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.turtlediary.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1694656112613071-15
Expires
Thu, 14 Sep 2023 01:48:32 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 73E2 		36 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%223349c3dd0a1232%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.turtlediary.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.turtlediary.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2FPRM%2F114564%2Fwww_turtlediary_com%22%2C%22adunitcode%22%3A%22adUnit_2%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2242dd7d116ed0fa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22tid%22%3A%22f4bbb3cf-74f1-4627-aaf1-e0b04d7a25e8%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F114564%2Fwww_turtlediary_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A3%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A1.2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221564%22%2C%22hp%22%3A1%7D%2C%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2227975%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22crwdcntrl.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2225be2c7e686f4d3fe0f19ada5e9b16d5393867e5c2328709579c5cb9fecc2965%22%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22db48c8b6-619a-4195-82f1-db4ac6a1350f%22%7D%5D%7D%5D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dafd09984f188596cad6344874151862ff0d88ac16ebba72f1e88530cd5b8a3e

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NWKopABAZd5clpYYdqpzp0XJymhmlyc%2Fk0gtclKJLoG%2FWpyV%2BPF0cJSjf8Q5czj65RXJlEvgS4HpeZSPYB8izVX8TMSWnoDAPiALNd6bRY3fRTwTg%2BktXYiCC81JyJaLGW6%2Fo5%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8064f7ddfd66aacf-SYD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame 73E2 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 73E2 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
liveInternalSsp.php
rtb.primis.tech/live/ Frame 73E2 		25 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Afalse%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0E0MDAyMxMyMwJbZWyanHQyMwIyM0ElMwUyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMlUlQlUlMzyjJTIlJTNBJTIlNwYhMwAmLwEkMv4kNwMyMwIyMxMyMwJaZW9JZCUlMvUmQTp3JTJDJTIlYWkjnGElR2ViJTIlJTNBJTIlQVUyMwIyMxMyMwJxZXZcY2V0rXByJTIlJTNBMvUlQlUlMaR4qERyqzywZXR5pGUyMwIyM0EyMwJxZXNeqG9jJTIlJTJDJTIlYaJiq3NypvUlMvUmQSUlMzNbpz9gZSUlMvUlQlUlMz9mJTIlJTNBJTIlV2yhZG93plUlMvUlQlUlMaR4qE9mJTIlJTNBJTIlq2yhZG93plUlMvUlQlUlMzRyqzywZU1iZGVfJTIlJTNBJTIlJTIlJTJDJTIlo3NWZXJmnW9hJTIlJTNBJTIlMTAhMCUlMvUlQlUlMzRyqzywZU1uoaVzYWN0qXJypvUlMvUmQSUlMvUlMvUlQlUlMzRyqzywZUNiZGVOYW1yJTIlJTNBJTIlJTIlJTJDJTIlqXNypxFaZW50JTIlJTNBJTIlTW96nWkfYSUlRwUhMCUlMCuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQcJTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAbS0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28cJTIjQ2ulo21yJTJGMTE2LwAhNTt0NS4kODpyMwBTYWZupzxyMxY1MmphMmYyMwIyMxMyMwJfYXQyMwIyM0EyMwIgMmMyMwIyMxMyMwJfo24yMwIyM0EyMwIkNDYyMwIyMxMyMwJupHBOYW1yJTIlJTNBJTIlJTIlJTJDJTIlYXBjSWQyMwIyM0EyMwIyMwIyMxMyMwJcp0FjpCUlMvUmQTAyMxMyMwJupHBCqW5xoGVJZCUlMvUmQSUlMzu0qHBmJTNBJTJGJTJGq3q3LaR1paRfZWRcYXJ5LzNioSUlRvUlMvUlQlUlMzFjpFN0o3JyVXJfJTIlJTNBJTIlJTIlJTJDJTIlYXBjUHJcqzFwrVBioGywrSUlMvUmQSUlMvUlMvUlQlUlMzFjpEymUGFcZCUlMvUmQSUlMvUlMvUlQlUlMzFjpERyqzVfo3BypvUlMvUmQSUlMvUlMvUlQlUlMzyzYSUlMvUmQSUlMvUlMvUlQlUlMzyzqvUlMvUmQSUlMvUlMvUlQlUlMzF0qHMyMwIyM0EjJTJDJTIlYXBjVzVlp2yiovUlMvUmQSUlMvUlMvUlQlUlMaJyZzVlpzVlJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxZ3q3phqHVlqGkyZGyupaxhY29gJTJGJTIlJTJDJTIlpGFaZSUlMvUmQSUlMzu0qHBmJTNBJTJGJTJGq3q3LaR1paRfZWRcYXJ5LzNioSUlRvUlMvUlQlUlMzqxpHIyMwIyM0EjJTJDJTIlZ2RjpxNioaNyoaQyMwIyM0EyMwIyMwIyMxMyMwJcp1qyUGFmp0qxpHIyMwIyM0EyMwIkJTIlJTJDJTIlY2NjYSUlMvUmQTAyMxMyMwJwY3BuQ29hp2VhqCUlMvUmQSUlMvUlMvUlQlUlMzRioWFcovUlMvUmQSUlMaq3ql50qXJ0oGVxnWFlrS5wo20yMwIyMxMyMwJ3ZWJmnXRyJTIlJTNBJTIlq3q3LaNyn2yhZG8hY29gJTIlJTJDJTIlp2VwqXJyJTIlJTNBMSUlQlUlMzqyo1NiqXJwZSUlMvUmQSUlMxyQJTIlJTJDJTIlY29jpGEyMwIyM0EjJTJDJTIlqXVcZCUlMvUmQSUlMwY1MDI2NwZyOWM5ZDQyMwIyMxMyMwJvoG9wn0JlYW5xplUlMvUmQSU1QvUlMzZipzucoXMhY29gJTIlJTJDJTIlY2q1LzNioS5uqSUlMvUlQlUlMzNiYXRypl5wo20hYXUyMwIyNUQyMxMyMwJyrHRVp2VlSWRmJTIlJTNBJTVCJTqCJTIlp291pzNyJTIlJTNBJTIlY3J3ZGNhqHJfLz5yqCUlMvUlQlUlMaVcZHMyMwIyM0EyNUIyN0IyMwJcZCUlMvUmQSUlMwI1YzUlYmqyNwt2ZwRxM2ZyMGYkOWFxYTVyOWIkNzQ1MmxmODY3ZTVwMwMlODpjOTU3OWM1Y2I5ZzVwYmI5NwUyMwIyMxMyMwJuqHyjZSUlMvUmQTEyN0QyNUQyN0QyMxMyN0IyMwJmo3VlY2UyMwIyM0EyMwJjqWJwnWQho3JaJTIlJTJDJTIlqWyxplUlMvUmQSU1QvU3QvUlMzyxJTIlJTNBJTIlZGI0OGM4YwYgNwE5YS00MTx1LTtlZwEgZGI0YWM2YTEmNTBzJTIlJTJDJTIlYXR5pGUyMwIyM0EkJTqEJTVEJTqEJTVEJTJDJTIloXJunWRBoGkiq2VxJTIlJTNBMCUlQlUlMzRyYaVaSW5zo3JgYXRco24yMwIyM0EyMwJBQyQyMwAyMxYyMwBPTUyETGygnXRyZERypGkirSUlMCUlRvUlMDEyMwAyMxYyMwBuY3RcqzUyMwIyMxMyMwJmnXRySWQyMwIyM0EkMTQ1NwQyMxMyMwJjqWJfnXNbZXJJZCUlMvUmQTI3OTp1JTJDJTIlp2NbYWyhJTIlJTNBJTqCJTIlqzVlJTIlJTNBJTIlMS4jJTIlJTJDJTIlY29gpGkyqGUyMwIyM0EkJTJDJTIloz9xZXMyMwIyM0EyNUIyN0IyMwJup2xyMwIyM0EyMwJzpzVyp3Rupv5wo20yMwIyMxMyMwJmnWQyMwIyM0EyMwIkNTY0JTIlJTJDJTIlnHAyMwIyM0EkJTqEJTJDJTqCJTIlYXNcJTIlJTNBJTIlpHJcoWymLaRyY2tyMwIyMxMyMwJmnWQyMwIyM0EyMwIlNmx3NSUlMvUlQlUlMzujJTIlJTNBMSU3RCU1RCU3RCUlQlUlMaJyZ2yiovUlMvUmQSUlMxyOJTIlJTJDJTIlY2FgpGFcZ25mJTIlJTNBJTqCJTIlODUjNwEyMwIyM0EyN0IyMwJ0pzFwn2VlJTIlJTNBJTIlY2FgpGFcZ25GpzVkQ2FjJTNEMCUlNTJGMCUlNzNuoXBunWqhSWQyM0Q4NTA2MSUlNaNjYWNyMxFxSWQyM0QkNmI2MDA5MlUlMvUlQlUlMaBlZWJcZE5mp3BJozRyrCUlMvUmQTAyMxMyMwJmpGFwZTJBZEyxJTIlJTNBJTIlMTplNwAjOTMyMwIyMxMyMwJxZWFfJTIlJTNBJTqCJTIlnXNSqGJEZWFfJTIlJTNBMCUlQlUlMaJ0YxRyYWkJZCUlMvUmQSUlMvUlMvUlQlUlMaJ0YyNyYXRJZCUlMvUmQSUlMvUlMvU3RCUlQlUlMaJ0YyqTZWF0JTIlJTNBJTIlJTIlJTJDJTIlY2FgpGFcZ25JZCUlMvUmQTt1MDYkJTJDJTIlY2FgpGFcZ25TY29jZSUlMvUmQSUlMaB1YzkcYlUlMvUlQlUlMzyhqGVlozFfQaV5ZXJVnWQyMwIyM0EyMwIyMwIyMxMyMwJynWROYW1yJTIlJTNBJTIlpzu5qGugo25yLzNioSUlMvUlQlUlMzFxVXNypxyxJTIlJTNBMwUjMDUyMxMyMwJvY2F0JTIlJTNBJTIlJTIlJTJDJTIlYzFmZUZfo29lJTIlJTNBMS4lJTJDJTIlZXu0JTIlJTNBJTqCJTIlpGFlqG5ypvUlMvUmQSUlMwEkOSUlMvUlQlUlMaJyqyNbYXJyJTIlJTNBJTIlMS4jMCUlMvUlQlUlMzVhZHBinW50VXNOrSUlMvUmQSUlMaBlnW1cpl5yYXN0LXMlpl4kpathnW8yMxZmMaMyMxZjpzygnXMyMwIyMxMyMwJyozRjo2yhqEV1JTIlJTNBJTIlpHJcoWymLzV1LXMlpl4kpathnW8yMxZmMaMyMxZjpzygnXMyMwIyMxMyMwJyozRjo2yhqEZlJTIlJTNBJTIlpHJcoWymLzV1LXMlpl4kpathnW8yMxZmMaMyMxZjpzygnXMyMwIyMxMyMwJyozRjo2yhqEyhJTIlJTNBJTIlpHJcoWymLzFjLXMlpl4kpathnW8yMxZmMaMyMxZjpzygnXMyMwIyMxMyMwJyozRjo2yhqEFjYWMyMwIyM0EyMwJjpzygnXMhYXAgpmJmLwFlrC5colUlRaMlplUlRaBlnW1cplUlMvUlQlUlMaRuZ0yxJTIlJTNBJTIlMwU3NwMlJTIlJTJDJTIlpHVvoGymnGVlSWQyMwIyM0EyMwIlNTp2MmIyMwIyN0QyMxMyMwJvqXyypyVcZCUlMvUmQSUlMvUlMvUlQlUlMaJyZzVlZW5wZUyxJTIlJTNBNSUlQlUlMzJcZGZfo29lJTIlJTNBMS4lJTJDJTIlp2NbYWyhJTIlJTNBJTqCJTIlqzVlJTIlJTNBJTIlMS4jJTIlJTJDJTIlY29gpGkyqGUyMwIyM0EkJTJDJTIloz9xZXMyMwIyM0EyNUIyN0IyMwJup2xyMwIyM0EyMwJzpzVyp3Rupv5wo20yMwIyMxMyMwJmnWQyMwIyM0EyMwIkNTY0JTIlJTJDJTIlnHAyMwIyM0EkJTqEJTJDJTqCJTIlYXNcJTIlJTNBJTIlpHJcoWymLaRyY2tyMwIyMxMyMwJmnWQyMwIyM0EyMwIlNmx3NSUlMvUlQlUlMzujJTIlJTNBMSU3RCU1RCU3RCU3RCU3RCUlQlUlMaBfYWNyoWVhqENuqCUlMvUmQSU1QvUlMxyBQwUyMwIyNUQyMxMyMwJjoGF5YzFwn21yqGuiZCUlMvUmQSU1QwYyNUQyMxMyMwJapGyxJTIlJTNBJTIlJTJGUFJNJTJGMTE0NTY0JTJGq3q3X3R1paRfZWRcYXJ5X2NioSUlMvUlQlUlMz5uqzyaYXRipxkuozq1YWqyJTIlJTNBJTIlZW4yMwIyMxMyMwJjYWqyY2F0JTIlJTNBJTVCJTIlSUFCNSUlMvU1RCUlQlUlMzNioaRyoaRwYXQyMwIyM0EyNUIyMwJJQUI5JTIlJTVEJTqE%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
cj3CtLQkdZ-i2ZaN9G_HtHa1nCmBYSzUbQH1wnsmIL6yIQOAawUxXw==
v1
btlr.sharethrough.com/universal/ Frame 73E2 		464 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.110.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-110-142.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ce3f4ee281fb9fe1df78f9fffddfe8eb4b4b726dafe7a84e07d7b70d81e74dd5

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
300
/
ce.lijit.com/beacon/prebid-server/ Frame 67D1
Redirect Chain
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.175.41.2 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
30050c30d6c7ef375e54fdf197a5cb3dbaf39e371e7d34440a1b4c35821c3a8d

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
659
Content-Type
text/html
Date
Thu, 14 Sep 2023 01:48:33 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1ord1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 14 Sep 2023 01:48:33 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ord1
sodar
pagead2.googlesyndication.com/pagead/ Frame FD53 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309110101&jk=529173402229772&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 14 Sep 2023 01:48:32 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6145872560198a8b8d96a8783767356ee566ab5f41287c48df9e6fdc228d5f96

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B1BF 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:41:16 GMT
x-content-type-options
nosniff
age
191236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Sep 2024 20:41:16 GMT
sync
gdn.socdm.com/rtb/ Frame 408A
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESECQymVW2XmS2OdePGddzpLs&google_cver=1&google_push=AXcoOmTEKcndpmmKHFlKdGrtn59Ri6nmJhSFP6bNmO30ZWvlL-0p7o6qwFSGRXqQQNrpB...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlFKbWNNQ281dElBQUU5Rmt4d0FBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESECQymVW2XmS2OdePGddzpLs&google_cver=1
43 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESECQymVW2XmS2OdePGddzpLs&google_cver=1
Protocol
HTTP/1.1
Server
124.146.215.3 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:34 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESECQymVW2XmS2OdePGddzpLs&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.163","key":"ZQJmcMCo5tIAAE9FkxwAAAAA","privacy_sensitive":false,"uid":"ZQJmcMCo5tIAAE9FkxwAAAAA","upstream_id":"m-ad72"}
X-SO-Key
ZQJmcMCo5tIAAE9FkxwAAAAA
X-SO-Upstream-ID
m-ad72
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad72.dc4p.scaleout.jp
X-SO-UID
ZQJmcMCo5tIAAE9FkxwAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
66.203.112.163
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
97
X-SO-LB-Hostname
m-ng11.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESECQymVW2XmS2OdePGddzpLs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 408A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHd2lr02Ju0XLNU3Cy-79O4&google_cver=1&google_push=AXcoOmRv1JBOQgKK-mtz2gRVxQ_yo6VHqJ0IJDJSQgi1j5a2JJ9tlGNCbSUR6ybaIVpsc1nx0Omcw0Qj...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHd2lr02Ju0XLNU3Cy-79O4&google_cver=1&google_push=AXcoOmRv1JBOQgKK-mtz2gRVxQ_yo6VHqJ0IJDJSQgi1j5a2JJ9tlGNCbSUR6ybaIVpsc1nx0Om...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc2NTg2OTE2NzU1MTM5OTc2NQ&google_push=AXcoOmRv1JBOQgKK-mtz2gRVxQ_yo6VHqJ0IJDJSQgi1j5a2JJ9tlGNCbSUR6ybaIVpsc1nx0Omcw0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc2NTg2OTE2NzU1MTM5OTc2NQ&google_push=AXcoOmRv1JBOQgKK-mtz2gRVxQ_yo6VHqJ0IJDJSQgi1j5a2JJ9tlGNCbSUR6ybaIVpsc1nx0Omcw0QjXhX40c7uiA-e6uSbt9ZmveS56CmB7orXohoe3qatqMGuIf-tvG9pMUvxl_kxLVRugAuTpe_DPg
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc2NTg2OTE2NzU1MTM5OTc2NQ&google_push=AXcoOmRv1JBOQgKK-mtz2gRVxQ_yo6VHqJ0IJDJSQgi1j5a2JJ9tlGNCbSUR6ybaIVpsc1nx0Omcw0QjXhX40c7uiA-e6uSbt9ZmveS56CmB7orXohoe3qatqMGuIf-tvG9pMUvxl_kxLVRugAuTpe_DPg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 408A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRXgCOExQta_rC5JrF4oow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRXgCOExQta_rC5JrF4oow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRDQ9qmeciO1GXmVwlnzAUgNd3AMIfJq_DUBCWFBy4DHKwYoMLWV78JWQPTM4nB4HccegT4b5i6l9_heGF5bUUYzbkSWyHXJYS5ZOBltrHGCGKL5xa8fOKxht78BaU36WAQHoGgrN3gps58So87A-k
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRXgCOExQta_rC5JrF4oow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRDQ9qmeciO1GXmVwlnzAUgNd3AMIfJq_DUBCWFBy4DHKwYoMLWV78JWQPTM4nB4HccegT4b5i6l9_heGF5bUUYzbkSWyHXJYS5ZOBltrHGCGKL5xa8fOKxht78BaU36WAQHoGgrN3gps58So87A-k
date
Thu, 14 Sep 2023 01:48:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 408A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmR4-6GT-ryhOkHxUfkSae-oPvmnunGKjb5CSA8OCB8BJJCkDHKSHNUozP1bwqQVlZMFCprd6OrlcfnILEfBf59aG6d5U6ZzOF7USbbfutCQl8TaZhfwjzstuWhuqbN...
  • https://sync.targeting.unrulymedia.com/csync/RX-df4ff2cd-aaff-4ce9-a554-f6fd7dfd62af-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmR4-6GT-ryhOkHxUfkSa...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR4-6GT-ryhOkHxUfkSae-oPvmnunGKjb5CSA8OCB8BJJCkDHKSHNUozP1bwqQVlZMFCprd6OrlcfnILEfBf59aG6d5U6ZzOF7USbbfutCQl8TaZhfwjzstuWhuqbNecRfH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR4-6GT-ryhOkHxUfkSae-oPvmnunGKjb5CSA8OCB8BJJCkDHKSHNUozP1bwqQVlZMFCprd6OrlcfnILEfBf59aG6d5U6ZzOF7USbbfutCQl8TaZhfwjzstuWhuqbNecRfHwBJKbOsvLuZoe7NQlx4&google_hm=BN9P8s2q_0zppVT2_X39Yq8
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR4-6GT-ryhOkHxUfkSae-oPvmnunGKjb5CSA8OCB8BJJCkDHKSHNUozP1bwqQVlZMFCprd6OrlcfnILEfBf59aG6d5U6ZzOF7USbbfutCQl8TaZhfwjzstuWhuqbNecRfHwBJKbOsvLuZoe7NQlx4&google_hm=BN9P8s2q_0zppVT2_X39Yq8
date
Thu, 14 Sep 2023 01:48:34 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXdf4ff2cdaaff4ce9a554f6fd7dfd62af004
content-type
text/html
pub
cs.chocolateplatform.com/ Frame 408A 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGqZ-KCRoFO2tjUTLaIG-kQ&google_cver=1&google_push=AXcoOmS2gxM2biKuYzVFyl1vlHEtOtoCZanj4jLxTz8J205zWSzebXNnlxMdfXkYmiHp9N8hsNuU52UjyeQ9OuVk240_XuOmaYGUG4oikL8AdWIKVBD6SmSxbKWOp2deTxz4hlaMrM4RP5QTkg0IhlAFXAI
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Sep 2023 01:48:33 GMT
server
CookieSync Server
content-length
0
pixel
cm.g.doubleclick.net/ Frame 408A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJQuNIR_CXRJoQE9truKhDM&google_cver=1&google_push=AXcoOmSLLjYk00nAbAa25cE8a1wjTr27HZRa-StLkQUdOihhohaJgsalcAhICOfV1jd1FPGFThZVTx...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSLLjYk00nAbAa25cE8a1wjTr27HZRa-StLkQUdOihhohaJgsalcAhICOfV1jd1FPGFThZVTxTOMNSzKos8EsiUug0U67kZn91ZwPNxyYSJRLEZ5IRS2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSLLjYk00nAbAa25cE8a1wjTr27HZRa-StLkQUdOihhohaJgsalcAhICOfV1jd1FPGFThZVTxTOMNSzKos8EsiUug0U67kZn91ZwPNxyYSJRLEZ5IRS2arsTCz9H25J78ctYun-UHI2nmurTu1CvlU&google_hm=MjY0NTMyMTQ1OTYyNTcxNjkwNQ%3D%3D
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSLLjYk00nAbAa25cE8a1wjTr27HZRa-StLkQUdOihhohaJgsalcAhICOfV1jd1FPGFThZVTxTOMNSzKos8EsiUug0U67kZn91ZwPNxyYSJRLEZ5IRS2arsTCz9H25J78ctYun-UHI2nmurTu1CvlU&google_hm=MjY0NTMyMTQ1OTYyNTcxNjkwNQ%3D%3D
date
Thu, 14 Sep 2023 01:48:33 GMT
content-length
0
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 408A 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEBoOPzuxCARQtWj6snsQFzU&google_cver=1&google_push=AXcoOmTht_BxfzoXHbYI_UP4T-I_ezeCc4KZocZuoGgO7SDf8R0_Czr3oRLZo--0JxFBi_cel4PVlfF2hzFUjbcWhtoPQXn88UEAguuRi7wRL5GpDwBkKjzYHX12XLx49MrtpmD2Qvi3No31TkBXK5XF_pM
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame 408A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUVnrhl7cxx6YJKdRR7Nsu8jzfX7tENTiJYsvb1ZVzUn-7nJuQ_lJLUp7FNsIftNUamI8a
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZmBLbmYCZdfRO4uT9fwPo5mtgA398Jn7cqqatu6EEvfn7eOVDhABINrXxTlgpdiTgJABoAGhwJjxKMgBCakC4jO8piF1gj7gAgCoAwHIA8sEqgSxAk_QJ1C64cNL9HJSpvpuDgNpv9N9aAMrcTpDziEeLH3KVhF5nPCtge3oVupf9bGb2-o9xaEyNowJFqV3qBHPJU2aEACxQI2RNkh5lTPAd82pzLUJUeY-MSTPFNiKzoTWHfY-s12HwLPELFm7onHzscKEcJq6qMYntye61kihY6NochHgTS-Mtz6Ybqxd5vg6VhOoh2wm_eT9h5bBq78pCJ8w2Nb3dWspUbJF0y5ts7A3C_l-S9o-rCz9W1nkHGWuGoYTDug0DorE9UCsTAxN5JC8-De5zDgTG0DLQ-U_Hd9cKTNtVlPk7LNYQK884Slzrr7s9708ctf6-jpjM9pjdJEo_1XdfYtpEDtP9azuefShXQuNEMkRMaxSGP-ZoUbUDNhDxcOPQQFtDPwU-YBajKgUwASRq8jYtQTgBAGIBer_vpxMkgUECAQYAZIFBAgFGASgBi6AB9yp5ZIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPvmFdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgmAAmh0dHBzOi8vd3d3LnRlbXUuY29tL2F1L2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9MTJ-ZW5-QVVEJmdvb2RzX2lkPTYwMTA5OTUxMjU2MDUxMCZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2Q5NTQ5MjAtMSZ0b3BpY19jbGFzc2lmeT0xMDmACgPICwHaDBEKCxCA3Y-p1JP9xPABEgIBA9gTC9AVAYAXAbIXHgocCAASFHB1Yi04MDYxOTQ2NDEzNTM3OTg0GLrIFw&sigh=HsFDwrPnh_o&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWPBgQ_9idcbexVRYjv5CQA9Tu5ljp8iRKClFqZzeWr7nq_v_psMhAgYj6WzWLYj55AOsM5PSH6RgB&template_id=494&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame B1BF
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CZmBLbmYCZdfRO4uT9fwPo5mtgA398Jn7cqqatu6EEvfn7eOVDhABINrXxTlgpdiTgJABoAGhwJjxKMgBCakC4jO8piF1gj7gAgCoAwHIA8sEqgSxAk_QJ1C64cNL9HJSpvpuDgNpv9N9...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6307d4f6c7afd98b0000000000000000%22,%222%22:%220xc79384e225a96fce0000000000000000%22,%223%22:%220xf8a29f...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6307d4f6c7afd98b0000000000000000%22,%222%22:%220xc79384e225a96fce0000000000000000%22,%223%22:%220xf8a29f5bcaa578de0000000000000000%22,%224%22:%220xb489a1a5c36bf6b00000000000000000%22,%225%22:%220x1464f4dc0a2673b70000000000000000%22},%22debug_key%22:%225870337267465006450%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212095246875033749057%22}&andc=true
Protocol
H3
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x6307d4f6c7afd98b0000000000000000","2":"0xc79384e225a96fce0000000000000000","3":"0xf8a29f5bcaa578de0000000000000000","4":"0xb489a1a5c36bf6b00000000000000000","5":"0x1464f4dc0a2673b70000000000000000"},"debug_key":"5870337267465006450","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["09-14"],"6":["true"]},"priority":"500","source_event_id":"12095246875033749057"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 14 Sep 2023 01:48:34 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 14 Sep 2023 01:48:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6307d4f6c7afd98b0000000000000000","2":"0xc79384e225a96fce0000000000000000","3":"0xf8a29f5bcaa578de0000000000000000","4":"0xb489a1a5c36bf6b00000000000000000","5":"0x1464f4dc0a2673b70000000000000000"},"debug_key":"5870337267465006450","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["09-14"],"6":["true"]},"priority":"500","source_event_id":"12095246875033749057"}&andc=true
access-control-allow-origin
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame 6D52
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJV9ae_1rDvne7NJRQ-DS4Q&google_cver=1&google_push=AXcoOmS7JEw4eFtD9GUUfO_rv4heFNBwZas8aTW13Hz2YsHs_gVI0ipScCrrO_nHL2TT0aHzkvY16ek_hSMoyLyZ6pGZrw23al82s...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJV9ae_1rDvne7NJRQ-DS4Q&google_cver=1&google_push=AXcoOmS7JEw4eFtD9GUUfO_rv4heFNBwZas8aTW13Hz2YsHs_gVI0ipScCrrO_nHL2TT0aHzkvY16ek_hSMoyLyZ6pGZrw23al8...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJV9ae_1rDvne7NJRQ-DS4Q&google_cver=1&google_push=AXcoOmS7JEw4eFtD9GUUfO_rv4heFNBwZas8aTW13Hz2YsHs_gVI0ipScCrrO_nHL2TT0aHzkvY16ek_hSMoyLyZ6pGZrw23al82sdFl4GeI1_xp3pWBgGbFUYk9fBsJRFpD4qX_CTQrhuR0EtZRjQRgQKI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS7JEw4eFtD9GUUfO_rv4heFNBwZas8aTW13Hz2YsHs_gVI0ipScCrrO_nHL2TT0aHzkvY16ek_hSMoyLyZ6pGZrw23al82sdFl4GeI1_xp3pWBgGbFUYk9fBsJRFpD4qX_CTQrhuR0EtZRjQRgQKI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8064f7e33bd8a93d-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
3472
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJV9ae_1rDvne7NJRQ-DS4Q&google_cver=1&google_push=AXcoOmS7JEw4eFtD9GUUfO_rv4heFNBwZas8aTW13Hz2YsHs_gVI0ipScCrrO_nHL2TT0aHzkvY16ek_hSMoyLyZ6pGZrw23al82sdFl4GeI1_xp3pWBgGbFUYk9fBsJRFpD4qX_CTQrhuR0EtZRjQRgQKI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS7JEw4eFtD9GUUfO_rv4heFNBwZas8aTW13Hz2YsHs_gVI0ipScCrrO_nHL2TT0aHzkvY16ek_hSMoyLyZ6pGZrw23al82sdFl4GeI1_xp3pWBgGbFUYk9fBsJRFpD4qX_CTQrhuR0EtZRjQRgQKI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8064f7e21aa2a93d-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D52
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECVSY5aBN_44hHtjNgLdWGM&google_cver=1&google_push=AXcoOmSjQqRSZ_uOrmbWhkyhdlOD0qod733lCbuj7W8lS69-dcxqvtXURM7miObIR7u6eHVMc_PIq...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSjQqRSZ_uOrmbWhkyhdlOD0qod733lCbuj7W8lS69-dcxqvtXURM7miObIR7u6eHVMc_PIqL3lwI2TlH6hb4zhIMrGFUlQu0mi_ySFBQC7cCVhJsNeN4Lk0UTHxy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSjQqRSZ_uOrmbWhkyhdlOD0qod733lCbuj7W8lS69-dcxqvtXURM7miObIR7u6eHVMc_PIqL3lwI2TlH6hb4zhIMrGFUlQu0mi_ySFBQC7cCVhJsNeN4Lk0UTHxySt0eeUpLvNoM6VEUTKaI8PG9Q
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 14 Sep 2023 01:48:32 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: FF4962BE595D44CE8C479A958DC6B2AC Ref B: SYD03EDGE2111 Ref C: 2023-09-14T01:48:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSjQqRSZ_uOrmbWhkyhdlOD0qod733lCbuj7W8lS69-dcxqvtXURM7miObIR7u6eHVMc_PIqL3lwI2TlH6hb4zhIMrGFUlQu0mi_ySFBQC7cCVhJsNeN4Lk0UTHxySt0eeUpLvNoM6VEUTKaI8PG9Q
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFR9+eY6fsl0+hOx1fpg==
pixel
cm.g.doubleclick.net/ Frame 6D52
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHd2lr02Ju0XLNU3Cy-79O4&google_cver=1&google_push=AXcoOmTw9ZJI8HPAVDUXOEatdnl_PRY7brsFOm9yjEo7tVRY6dCdie_6Cqna0RrIrm-jAMpSREgd4Ynh...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHd2lr02Ju0XLNU3Cy-79O4&google_cver=1&google_push=AXcoOmTw9ZJI8HPAVDUXOEatdnl_PRY7brsFOm9yjEo7tVRY6dCdie_6Cqna0RrIrm-jAMpSREg...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTYzNjk4NDUzMTg3OTYxNTI0Mw&google_push=AXcoOmTw9ZJI8HPAVDUXOEatdnl_PRY7brsFOm9yjEo7tVRY6dCdie_6Cqna0RrIrm-jAMpSREgd4Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTYzNjk4NDUzMTg3OTYxNTI0Mw&google_push=AXcoOmTw9ZJI8HPAVDUXOEatdnl_PRY7brsFOm9yjEo7tVRY6dCdie_6Cqna0RrIrm-jAMpSREgd4YnhgjO8yV8Iw3FoSznajycnhWlBVeoANM78N22pltLhBBiyxkZR6xytsq_5OA_q4YqZxMU1eDgbD7M
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTYzNjk4NDUzMTg3OTYxNTI0Mw&google_push=AXcoOmTw9ZJI8HPAVDUXOEatdnl_PRY7brsFOm9yjEo7tVRY6dCdie_6Cqna0RrIrm-jAMpSREgd4YnhgjO8yV8Iw3FoSznajycnhWlBVeoANM78N22pltLhBBiyxkZR6xytsq_5OA_q4YqZxMU1eDgbD7M
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6D52
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRXgCOExQta_rC5JrF4oow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRXgCOExQta_rC5JrF4oow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSR2eN6J5iDK0DcwxTH-vYzB0TosblEQ9ZWpRSW6cuaXqBNjiyrlT6ZJvY0HUNyjKNuWlfP7W0Trr-zaV4vUL2haW9HGstDcBvhj2phzRS3ezNtHad4R7KAflSfASLsobHqra2kSW7EBrkPi9tOOw
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRXgCOExQta_rC5JrF4oow%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSR2eN6J5iDK0DcwxTH-vYzB0TosblEQ9ZWpRSW6cuaXqBNjiyrlT6ZJvY0HUNyjKNuWlfP7W0Trr-zaV4vUL2haW9HGstDcBvhj2phzRS3ezNtHad4R7KAflSfASLsobHqra2kSW7EBrkPi9tOOw
date
Thu, 14 Sep 2023 01:48:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6D52
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEC64ao3Boxlre6rV2inbmQo&google_cver=1&google_push=AXcoOmT1LbKx16QnYtVEAygqROHTPMqbovMv6zLBlrcSPHjGQx6RG5KqXUKJuYoZhvox0Nhh6XJ7WZSoGlhDfCGh66I2...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmT1LbKx16QnYtVEAygqROHTPMqbovMv6zLBlrcSPHjGQx6RG5KqXUKJuYoZhvox0Nhh6XJ7WZSoGlhDfCGh66I2_qjJcJi8d4EnyOFC7-KQs1tOhTuj0D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmT1LbKx16QnYtVEAygqROHTPMqbovMv6zLBlrcSPHjGQx6RG5KqXUKJuYoZhvox0Nhh6XJ7WZSoGlhDfCGh66I2_qjJcJi8d4EnyOFC7-KQs1tOhTuj0DpEpMMBbPPCGA7jYMWd8AFlsNNvnLo3c6E
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmT1LbKx16QnYtVEAygqROHTPMqbovMv6zLBlrcSPHjGQx6RG5KqXUKJuYoZhvox0Nhh6XJ7WZSoGlhDfCGh66I2_qjJcJi8d4EnyOFC7-KQs1tOhTuj0DpEpMMBbPPCGA7jYMWd8AFlsNNvnLo3c6E
date
Thu, 14 Sep 2023 01:48:32 GMT
pixel
cm.g.doubleclick.net/ Frame 6D52
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEP4Qeza85NyJLlZhDKwFSUQ&google_cver=1&google_push=AXcoOmSp3Jm1VohWG5LLCcDWj59D4ZK8tZIM-MUBc04ITUpPxmKOBqQe1XQ9Lvr0aIqZky6JDN4_ttaR-is44Y7KGptmGi8Ev...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3NjU3NzEyMjg4OTk1NzAwMFYxMA%3d%3d&mn_hm=MzM3NjU3NzEyMjg4OTk1NzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSp3Jm1VohWG5LLCcDWj59D4ZK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3NjU3NzEyMjg4OTk1NzAwMFYxMA%3d%3d&mn_hm=MzM3NjU3NzEyMjg4OTk1NzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSp3Jm1VohWG5LLCcDWj59D4ZK8tZIM-MUBc04ITUpPxmKOBqQe1XQ9Lvr0aIqZky6JDN4_ttaR-is44Y7KGptmGi8Ev9PY6fdAXguPmsVoEkoZ5LboRjveUR3_VV_Qt8CEIpZmDuXI5kaIh7SKfw&gdpr=&gdpr_consent=
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:32 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3NjU3NzEyMjg4OTk1NzAwMFYxMA%3d%3d&mn_hm=MzM3NjU3NzEyMjg4OTk1NzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSp3Jm1VohWG5LLCcDWj59D4ZK8tZIM-MUBc04ITUpPxmKOBqQe1XQ9Lvr0aIqZky6JDN4_ttaR-is44Y7KGptmGi8Ev9PY6fdAXguPmsVoEkoZ5LboRjveUR3_VV_Qt8CEIpZmDuXI5kaIh7SKfw&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Thu, 14 Sep 2023 01:48:32 GMT
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 6D52 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEBoOPzuxCARQtWj6snsQFzU&google_cver=1&google_push=AXcoOmTRArPlDlu06q55vy7q8iXLyoanRLcHrwtqjAS51MYYRCeMiKM4q4SEtwZb8-2upnO71WEDRBi3dNo-HRWtRHRpPdM1MbnuBCBivYxyaXvGBS7HWAgAjsDwKFv6E-cQy04fuoMiH12xaWOJV0orag
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame 6D52 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ksxr31Zre4Cn28aGtpmrrIswmkvHymKr2napts7cLoopkDZmtlYnBK0ZpNHUp2l_q-g-aa
Requested by
Host: 68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
URL: https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame DA86 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80253220&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
854f21cc9058c898026e43ba7b91f0ea9f264c30acaedf60fc66e2eb663928b4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 14 Sep 2023 01:48:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 965C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 03:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
597671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 03:47:21 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 82EC 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:41:16 GMT
x-content-type-options
nosniff
age
191236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Sep 2024 20:41:16 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CK5CBbmYCZdjRO4uT9fwPo5mtgA398Jn7cqqatu6EEvfn7eOVDhABINrXxTlgpdiTgJABoAGhwJjxKMgBCakC4jO8piF1gj7gAgCoAwHIA8sEqgS0Ak_QeqF7_idA3tGt9TuhJpNlQnNw7OjkGNlhqilTEwVdqB7XsZbI-ftHxFIKp-NJ_F6JJsrLXwYEL9c2K2XjuXNtAHaeyWp-7BBDjuJJHke_IMzGukgy1v_om5GUbhFvRu_qI4xql-FT55jF-mqPftDVPKrRgU5rRZOOdPTdlTotDs2vuM23fMbrQP0rO4q-PkYoEPYLipzPxtDbnHHRY27cJumRW1LqIHp7orivNg06_D0kYIcIoCJePVJ6JHaeJLrW3ZoBGyH59VT7e2AewjcdKOfu0_T_Kkk_2pUfVRjIrThvyju87FZOp8Y-c2z642nK0_mR3-bpWz8nGaeFqNkILJXcY4gwmugsn4A2ZQNIigV1KzaH9l6Iq65igZHDx3g2bRpgOycJWC5JkqkiX3pQANoSwASRq8jYtQTgBAGIBer_vpxMkgUECAQYAZIFBAgFGASgBi6AB9yp5ZIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEI7WEtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgmAAmh0dHBzOi8vd3d3LnRlbXUuY29tL2F1L2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9MTJ-ZW5-QVVEJmdvb2RzX2lkPTYwMTA5OTUxMjU2MDUxMCZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2Q5NTQ5MjAtMSZ0b3BpY19jbGFzc2lmeT0xMDmACgPICwHaDBAKChDA7oS2i5-ipFASAgED2BML0BUBgBcBshceChwIABIUcHViLTgwNjE5NDY0MTM1Mzc5ODQYusgX&sigh=dcq5BsFZwAc&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWPBgQ_9idcbexVRYjv5CQA9Tu5ljp8iRKClFqZzeWr7nq_v_psMhAgYj6WzWLYj55AOsM5PSH6RgB&template_id=494&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 82EC
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CK5CBbmYCZdjRO4uT9fwPo5mtgA398Jn7cqqatu6EEvfn7eOVDhABINrXxTlgpdiTgJABoAGhwJjxKMgBCakC4jO8piF1gj7gAgCoAwHIA8sEqgS0Ak_QeqF7_idA3tGt9TuhJpNlQnNw...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6307d4f6c7afd98b0000000000000000%22,%222%22:%220xc79384e225a96fce0000000000000000%22,%223%22:%220xf8a29f...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6307d4f6c7afd98b0000000000000000%22,%222%22:%220xc79384e225a96fce0000000000000000%22,%223%22:%220xf8a29f5bcaa578de0000000000000000%22,%224%22:%220xb489a1a5c36bf6b00000000000000000%22,%225%22:%220x1464f4dc0a2673b70000000000000000%22},%22debug_key%22:%228491682790207837887%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215037352645766079761%22}&andc=true
Protocol
H3
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x6307d4f6c7afd98b0000000000000000","2":"0xc79384e225a96fce0000000000000000","3":"0xf8a29f5bcaa578de0000000000000000","4":"0xb489a1a5c36bf6b00000000000000000","5":"0x1464f4dc0a2673b70000000000000000"},"debug_key":"8491682790207837887","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["09-14"],"6":["true"]},"priority":"500","source_event_id":"15037352645766079761"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 14 Sep 2023 01:48:34 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 14 Sep 2023 01:48:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6307d4f6c7afd98b0000000000000000","2":"0xc79384e225a96fce0000000000000000","3":"0xf8a29f5bcaa578de0000000000000000","4":"0xb489a1a5c36bf6b00000000000000000","5":"0x1464f4dc0a2673b70000000000000000"},"debug_key":"8491682790207837887","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["09-14"],"6":["true"]},"priority":"500","source_event_id":"15037352645766079761"}&andc=true
access-control-allow-origin
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame D3A8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 03:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
597671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 03:47:21 GMT
generate_204
tpc.googlesyndication.com/ Frame 1F8E 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?n0AJMA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
w_480_00000.ts
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		511 KB
512 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
ec06a4cad7d5e6320186d0a86a79ec0385e8b745a6fc4bde481bebf3e034979e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:14:44 GMT
via
1.1 507f0bab9a1278d1632051db230c99d4.cloudfront.net (CloudFront), 1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, SFO5-P1
age
5628
x-cache
Hit from cloudfront
content-length
522828
last-modified
Wed, 18 Aug 2021 02:54:41 GMT
server
nginx
etag
"8e964fb9bc7b8ae24d0aeed55c231784"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
yCKYVL3mtE1at65c0dUwHt8iDMhWXjeYpmYgI68ypJd4_-5KVTZU9w==
expires
Thu, 28 Sep 2023 00:14:44 GMT
cffc15a3-117a-4a02-bd3f-ec461b5137b9
https://www.turtlediary.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.turtlediary.com/cffc15a3-117a-4a02-bd3f-ec461b5137b9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
vid5db1bf203d874232205358.jpg
video.primis.tech/uploads/cn22/video/users/converted/24485/video1516546936/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn22/video/users/converted/24485/video1516546936/vid5db1bf203d874232205358.jpg?cbuster=1591260738
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
c67be7da68ad9c66ef9f08c0e0f9085a121de194128e09e44cf8f3f0a652749f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:15:32 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront), 1.1 f85d379725bf31eb2428acfa2b9da6e6.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, SFO5-P1
age
5628
x-cache
Hit from cloudfront
content-length
29396
last-modified
Tue, 17 Aug 2021 18:00:01 GMT
server
nginx
etag
"131330ca3a8fbf55c254eebd522809e0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
YjC1ULGDtSNmg1KPqiqdXg5_3gFFvu0eYfI2rJ15mT3-TIDy0eMFow==
expires
Fri, 15 Sep 2023 00:14:44 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EA03
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C91bGgveXU4Q3VkbDopGGA7RWhwQ2lwaW96lXASA
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C91bGgveXU4Q3VkbDopGGA7RWhwQ2lwaW96lXASA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 14 Sep 2023 01:48:33 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C91bGgveXU4Q3VkbDopGGA7RWhwQ2lwaW96lXASA
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 79FA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4379871299077307740&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4379871299077307740&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
df860cbb-a8a3-406d-b92c-9f4cd9a758bd
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4379871299077307740&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3771
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11kne88azrjt
1 B
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11kne88azrjt
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 00:32:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Thu, 14 Sep 2023 01:48:33 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11kne88azrjt
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
simage2.pubmatic.com/AdServer/ Frame 2518
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 01:48:32 GMT
expires
Thu, 14 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2705694
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 17FC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQJmcQAM9T8cEAA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300030-BFI
x-timer
S1694656114.564555,VS0,VE69

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 14 Sep 2023 01:48:33 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQJmcQAM9T8cEAA4
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300030-BFI
x-timer
S1694656113.341559,VS0,VE70
Pug
simage2.pubmatic.com/AdServer/ Frame 1AEF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 14 Sep 2023 01:48:33 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame D751
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=zds0bu1aqbzg
42 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=zds0bu1aqbzg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Thu, 14 Sep 2023 01:48:33 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=zds0bu1aqbzg
lws
123
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame DB4C
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=c_-cTYnxAzadpf14cWYCZQ
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=c_-cTYnxAzadpf14cWYCZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=c_-cTYnxAzadpf14cWYCZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame A81C 		43 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 14 Sep 2023 01:48:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame B983
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=d31b7a23f29a4eeab6a79cd421f336fe
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=d31b7a23f29a4eeab6a79cd421f336fe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Thu, 14 Sep 2023 01:48:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=d31b7a23f29a4eeab6a79cd421f336fe
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
image2.pubmatic.com/AdServer/ Frame 0EF3
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU489c8cb04f91409dbb7572840d533805
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU489c8cb04f91409dbb7572840d533805
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU489c8cb04f91409dbb7572840d533805
pragma
no-cache
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame E2BE 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Sep 2023 01:48:34 GMT
Pragma
no-cache
Server
nginx
expires
-1
pxd
dps.jp.cinarra.com/ Frame A65D 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.75.96.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-96-169.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Thu, 14 Sep 2023 01:48:33 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FD71
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d059c4b0-52a0-11ee-9e0c-a3ac6c916c1d
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d059c4b0-52a0-11ee-9e0c-a3ac6c916c1d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 14 Sep 2023 01:48:34 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d059c4b0-52a0-11ee-9e0c-a3ac6c916c1d
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
i.match
s.tribalfusion.com/z/ Frame 08C2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
399 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8064f7e33bd7a93d-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8064f7e21aa9a93d-SYD
content-type
text/html
date
Thu, 14 Sep 2023 01:48:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
3180
cookiesync
core.iprom.net/ Frame F186 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Sep 2023 01:48:34 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-2181d1b17104@version_1.571v2
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 1119
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 00:32:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 14 Sep 2023 01:48:33 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
141
match.deepintent.com/usersync/ Frame 6D89 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Thu, 14 Sep 2023 01:48:33 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 3816
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pxhedKI41QGBt75&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pxhedKI41QGBt75&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 13 Sep 2023 22:13:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 14 Sep 2023 01:48:33 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pxhedKI41QGBt75&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-09d5f3eb327961841@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame B629
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
43 B
878 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 14 Sep 2023 01:48:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
x-amz-cf-id
9BzWdrpud3eRQxRgCaUdFtaCSsotAO0D5HSy42s-DWTCixA0dzRlAw==
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront

Redirect headers

age
0
cache-control
no-store
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 01:48:32 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
x-amz-cf-id
JW_gkwu5sQj-kHCB2Y8PWq30OpFZc4x0cxc9osSk4jA1z-TmDW1tjQ==
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRXgCOExQta_rC5JrF4oow%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:33 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=114898
accept-ranges
bytes
content-length
5606
expires
Fri, 15 Sep 2023 09:43:31 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame DA86
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B115E008-E131-42D6-BFAC-2E49AC5E28A3
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=B115E008-E131-42D6-BFAC-2E49AC5E28A3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0bf384ec-3e55-4143-b8a3-c95771ca98f2%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&ttd_puid=0bf384ec-3e55-4143-b8a3-c95771ca98f2%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&ttd_puid=0bf384ec-3e55-4143-b8a3-c95771ca98f2%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:33 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&ttd_puid=0bf384ec-3e55-4143-b8a3-c95771ca98f2%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
qmap
sync.crwdcntrl.net/ Frame DA86 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.248.176 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-248-176.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.20.145
content-length
49
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame DA86 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B115E008-E131-42D6-BFAC-2E49AC5E28A3&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Thu, 14 Sep 2023 01:48:28 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame DA86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjExNUUwMDgtRTEzMS00MkQ2LUJGQUMtMkU0OUFDNUUyOEEz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 13 Sep 2023 22:13:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DA86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENwh-2kP4iZ4oWEpEPEjPVw&google_cver=1
42 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENwh-2kP4iZ4oWEpEPEjPVw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENwh-2kP4iZ4oWEpEPEjPVw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame DA86 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.209.251 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.209.124.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:33 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 13 Sep 2023 01:48:33 GMT
B115E008-E131-42D6-BFAC-2E49AC5E28A3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DA86 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B115E008-E131-42D6-BFAC-2E49AC5E28A3?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.195.178 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-195-178.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame DA86
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame DA86
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.4S1U4NE2uVASKNzg8OLMI4yExvbe7I-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.4S1U4NE2uVASKNzg8OLMI4yExvbe7I-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.4S1U4NE2uVASKNzg8OLMI4yExvbe7I-~A&gdpr=0
date
Thu, 14 Sep 2023 01:48:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame DA86
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0bc62ef8-a900-415e-a8df-5e231d2f7482&ssp=pubmatic
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0bc62ef8-a900-415e-a8df-5e231d2f7482&ssp=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0bc62ef8-a900-415e-a8df-5e231d2f7482&ssp=pubmatic
date
Thu, 14 Sep 2023 01:48:33 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame DA86
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8910062125720193014
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8910062125720193014
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8910062125720193014
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame DA86
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3827492168432486143&gdpr=0&gdpr_consent=&us_privacy=
1 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3827492168432486143&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 13 Sep 2023 22:13:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3827492168432486143&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame DA86
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=45bd8a72477e253a&is_secure=true&networkId=17100&version=1&nuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMJ34GzC_34QMjSScsAAAAAAA&expiration=1694742514&nuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&...
42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMJ34GzC_34QMjSScsAAAAAAA&expiration=1694742514&nuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 00:32:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMJ34GzC_34QMjSScsAAAAAAA&expiration=1694742514&nuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame DA86
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4379871299077307740
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4379871299077307740
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
an-x-request-uuid
315377c5-93d1-4c63-87ed-529b715cf398
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4379871299077307740
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 73E2 		357 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30392D31345F30347D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A55494338675430314A5245787062576C305A5752455A58427362336B674C7941784943386759574E3061585A6C7D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.187+Safari%2F537.36&debugInformation=ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1694656110&csuuid=6502666e9c9d4&debugInfo=17256970_ABT+%2F+OMIDLimitedDeploy+%2F+1+%2F+active&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f10.1e100.net
Software
sffe /
Resource Hash
3501b862c03ab2ac2110fcfff885ad42a47e4aef871f158665ecf63077dde6b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125470
x-xss-protection
0
expires
Thu, 14 Sep 2023 01:48:33 GMT
liveView.php
live.primis.tech/live/ 		43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwx0NwU2MTElJaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY2MDMkMwYzrD00MDAzrT0lMwUzoXN0YT0kNmI1Nwx3MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXq3ql50qXJ0oGVxnWFlrS5wo20zp3VvSWQ9q3q3LaR1paRfZWRcYXJ5LzNioSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCUlMCUlRvUlME9NSURMnW1cqGVxRGVjoG95JTIjJTJGJTIjMSUlMCUlRvUlMGFwqGy2ZSZcp0FjpD0jJaZcZF9uqGx9ZaJyZXN0YXJcolZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTYmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkNv4jLwU4NDUhMTt3JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTAlNwY2ZTywOWQ0JaJ2ow00Mwx1LwMmJzF0qGVgpHRNqWk0nXBfnWVlPTIjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZaZHBlPTAzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0kJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwx0NwU2MTEmMDp1JaVcZD1TZWgcozRiU1BfYXyypwY1MDI2NwZzMmt2ODUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaR1paRfZWRcYXJ5LzNioSUlRvZzoG9uqFN0YXR1pm10paVyJzVcZHNjPWycpSZjrGyxPTE3OTp4NwE0NTE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
x-amz-cf-id
84KIoBcbmmmk4honXBQRaU6vlQ1DM1B5gsR9QDTxBIsy3yJwQki0JQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
setuid
s2s.t13.io/ Frame 67D1 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=HUTsRTZHzRTZdkvfSduSfRMV&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
merge
ce.lijit.com/ Frame 67D1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D77b3c2...
  • https://ce.lijit.com/merge?pid=16&3pid=77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.2 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 67D1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LMIIHS1V-P-5LTY&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LMIIHS1V-P-5LTY&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.2 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LMIIHS1V-P-5LTY&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
Expires
0
iu3
s.amazon-adsystem.com/ Frame 67D1
Redirect Chain
  • https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E3QGVVE02BGA5F5FXH88
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 67D1
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SFVUc1JUWkh6UlRaZGt2ZlNkdVNmUk1W&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SFVUc1JUWkh6UlRaZGt2ZlNkdVNmUk1W&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 14 Sep 2023 01:48:33 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SFVUc1JUWkh6UlRaZGt2ZlNkdVNmUk1W&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 67D1
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.2 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
223
sovrn
tr.blismedia.com/v1/api/sync/ Frame 67D1 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cksync.php
contextual.media.net/ Frame 67D1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1694656113477
  • https://ad.turn.com/r/cs?pid=45&rndcb=4845034350
  • https://sync.1rx.io/usersync/turn/3755434574394558207?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
53 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:35 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
date
Thu, 14 Sep 2023 01:48:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX733db2ff97184cc697dfa1f9e154259a004
content-type
text/html
merge
ce.lijit.com/ Frame 67D1
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=9259014c-5d45-41f3-9442-0a177be36a87
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=9259014c-5d45-41f3-9442-0a177be36a87
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.2 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:35 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=9259014c-5d45-41f3-9442-0a177be36a87
Date
Thu, 14 Sep 2023 01:48:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 67D1
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HUTsRTZHzRTZdkvfSduSfRMV&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:660de2c5071f8506e774ec455a572246
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:660de2c5071f8506e774ec455a572246
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.2 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 14 Sep 2023 01:48:33 GMT
server
Aorta/20230817.d884ef624
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:660de2c5071f8506e774ec455a572246
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-west-1
x-aorta-host
cc90b9721ab8
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 67D1
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1694656113222&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=62585BD686A14631B68DFA0C90655AFC
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=62585BD686A14631B68DFA0C90655AFC
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
69.175.41.2 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 14 Sep 2023 01:48:33 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=62585BD686A14631B68DFA0C90655AFC
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 13 Sep 2023 01:48:33 GMT
https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309110101&jk=529173402229772&bg=!ZWalZinNAAa6D61Rmg87ADQBe5WfOBSx0E7oynR5JqM3lEIosV4EhPheuMIDISkqrA1Vp-Co_DPfYiT8U2Ewy_ERnonxAgAAAPZSAAAADWgBBwoAHX8bb-xj-As3bE9FavNIs33NGEpoog_QdluLDexdmQK76aDpdlpLHbFn0J7p6UPBNIku5GLebRZl75W2ebviYit29KTb7k4F3k5asc2APAoY_xx5Ih__LpHxxKCWOJg73Xs_b7biazNEs-rpK-V6FAaA6qhRGH3rT8Y22rh7LC_Lbldil9CHQRqzsyBQ9PdCUk_Ips6rh3Qv7y6PZ-u8KoOV8BH7AZsw-FKDCH5iMBW5nKLUNejdeq0V7f6z6PrcAY5Sa9-1yW0OkfbuF-vcGoj4LaDUOLDDeDnXOdM_V3Yf_HfZ9duQgH3wVvniS2f1X30uzBYSDha7JkSrSOYgWTEllsQ3AeE1-KbPW-QUAXxLXGHn5w4DQSUc5m-owJe3CLH9CRm5uMrna0psLFioPnDmjbwfASn54uJ1KF05BXeVwhwbE9fXCP9AOfNlgfPF5SpsdY0hHcR1GwJ2manldhpk0Wlwa2_qPB06UYIeyUMcXYw4CzV_Zft4RIqa_ND4wpYqIuwkwjInGAFGg5F576bJE90cs3XmYOtyMDSxYEVIbSjoYCpIojhzUhBHGo4z4N6o6kjrkS0D7tyXKV8uM_Oo3Pa2lMoY7wHrQ2vr0OeR_OPYIKDzgbiWDYB7sprd6KluEWvFzyMi0HlMshVV0HVUmN-QZVqEUUwu-m5nbKEcubccXnxA8iOGpWOG4H3U7zMbWQb201ijIzf-lTmMNSkWsv6DfGGCTzpaxRCOjKceYlwgE7PWVhXXxc8O00rGeu_cABbIq0ZVFbXNZiPiCVT1b7018UpokDgkQbo6fBIaMmIFtP_0ETSTBP2Mnd8ZVen2sEyK71Fldht5E1AYeHcaheJ1i5jMB-PEqw_P7BHfrGkJmCmPt8boumgG6tSDU7E-ZDhLrl8PyNSaZ9Sn2lZyohrLeNaptelcISingVXn4_p4fdRKlcSvbgMHsKKGx5ptS-4zIkMn_t8N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6145872560198a8b8d96a8783767356ee566ab5f41287c48df9e6fdc228d5f96

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 14 Sep 2023 01:48:33 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
usermatch
ssum-sec.casalemedia.com/ Frame E7BC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4499848af51ecf53efa3a1b0c1bf24194e68cf19732431c65c7be63691b80a7a

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8064f7e58e01a937-SYD
content-encoding
br
content-type
text/html
date
Thu, 14 Sep 2023 01:48:33 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmDtp%2BtB6FoXt96gkyx0QCuHGJnqOn622L9RtNVef9xAIA9q%2Bui%2FxYl%2Bfo8S5ZUvemzUXyC8E4loGSExDomscp5mPJ8umJ2Y%2FCWM0RInFYQgoGcDoUYMI0UhuM22krCCZRWcKdzRjB24rA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6307d4f6c7afd98b0000000000000000%22,%222%22:%220xc79384e225a96fce0000000000000000%22,%223%22:%220xf8a29f5bcaa578de0000000000000000%22,%224%22:%220xb489a1a5c36bf6b00000000000000000%22,%225%22:%220x1464f4dc0a2673b70000000000000000%22},%22debug_key%22:%225870337267465006450%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212095246875033749057%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6307d4f6c7afd98b0000000000000000%22,%222%22:%220xc79384e225a96fce0000000000000000%22,%223%22:%220xf8a29f5bcaa578de0000000000000000%22,%224%22:%220xb489a1a5c36bf6b00000000000000000%22,%225%22:%220x1464f4dc0a2673b70000000000000000%22},%22debug_key%22:%228491682790207837887%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215037352645766079761%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B1BF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSwppsdntTTy6g5wvrPQRrdgzcGBaXyM2sgjvlC79g8FzVGWa_xbFNhA0tpZWGoQhIiuPi-s8oR_E8dqUZvQzzG2fVWnSbF4VvlO1MWsMgPjYWWmVSe4y-gfcaDTcRHQ8egfT7l1YHVw&sai=AMfl-YRDtSKI-FLlXo3dw3pDKu1Ct9j0NPQ3xOsXpcLHZCxDBXNWvtur4IinyL7u0gICo_MsciLSAhWhtN1fIao5RTalHFC9Liek7n2uX_WFgoF9ryfOkM_T2S5BpmDj&sig=Cg0ArKJSzOcqdMOuABCDEAE&cid=CAQSPABpAlJWPBgQ_9idcbexVRYjv5CQA9Tu5ljp8iRKClFqZzeWr7nq_v_psMhAgYj6WzWLYj55AOsM5PSH6RgB&id=lidar2&mcvt=1013&p=32,1240,282,1540&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3587870024&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694656111600&rpt=1005&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w_480_00001.ts
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		518 KB
519 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
d45b9c6e91a5cd516be16f868c707a2620053dd93953de6e8c8268d4d8bd6589

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:14:44 GMT
via
1.1 211912bcb39f8118d808b48c08a800ea.cloudfront.net (CloudFront), 1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW53-C1, SFO5-P1
age
5628
x-cache
Hit from cloudfront
content-length
530724
last-modified
Wed, 18 Aug 2021 02:54:41 GMT
server
nginx
etag
"b79bb0173056072b24573de51a3c0174"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
hxGToJuvH9tp5W22nHqkgRQ-VIQX2lpEsOcFXPhdoPzIH-juCKPXQw==
expires
Thu, 28 Sep 2023 00:14:44 GMT
crum
dsum-sec.casalemedia.com/ Frame E7BC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZQJmcK6YaIc9CuPdC5Nm1wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAq-_HpEy50SZAVVjpYXsmE&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAq-_HpEy50SZAVVjpYXsmE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcFdupTSJ3P85f53zc76JJHfNu%2B6jCAGA7mAZVXhAKEOgUmlfdvP6uPe0nPJBLRrbEtI9CmZOiEq3ukdHxW0NB4LMEpTp32ooXgo7ygiEHq%2FhbY5TF4FHNMSMuhmaVxKDgnybs7CDfLAkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7e7e8bca937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAq-_HpEy50SZAVVjpYXsmE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E7BC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&expiration=1697248113&gdpr=0&gdpr_consent=
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&expiration=1697248113&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nf8VIxbHD2jJKdUDMIejxzNudqp%2BDv0bgcVkMabboA7j8zyUaTVZlsgethAeE5bWT9tCTPqfhAKQNmz1DhiRzRRPQLhsEOeeqldcBV5jUG4Q08vHdCARyv%2BODAleRax1wxEvlVxWoR8gqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7e68820aacf-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&expiration=1697248113&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame E7BC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7QBRNBWDB3Q479DA86RY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
62R5Q37G5MRY29T8GC3P
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E7BC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdBbCj6HK6T87j%2B6i3zGHMnWJ%2FgG%2BxMY9FQ6L3g4vu5D9nIjkiTq34BJL9GLyDIYS%2B8zrER6qnUGDxUWIXUbwxPFxjj27%2BRdp5MabEL7xuHYZG1OmEekhguaFSsttCovYNfKEi0ExqF47g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7e71fc0a937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame E7BC
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244916178&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjFhMGYxYjEzZTc3N2VlMDRlYjRiNjU3NmM4MGJiYQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEELEjc1AbK4e7EHqWeeDTBs&google_cver=1&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/61a0f1b13e777ee04eb4b6576c80bba?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-_o9BD3BE2oOq2iiWrOy_SBOC.t3C0iwuDTgMNU5J~A
0
0
rum
dsum-sec.casalemedia.com/ Frame E7BC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6925968712063387391
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6925968712063387391
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7p4W9ZSjZTU%2Fae6sz3UuyoQCh1HA2BynLESnpx%2FjujS5gdjXyjtwnFONL1%2BErd9Ds0ew729YEXW%2BPKQtsolIWFzJR4O%2F2RlNw2udsoIJXHRvTZTOPFxhLl0pS%2BBe0Xpn9P5YVECUEInwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7ed3867a937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6925968712063387391
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E7BC 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.195.178 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-195-178.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame E7BC 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.226.150 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-226-150.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
setuid
s2s.t13.io/ Frame E7BC 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 82EC 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvq91D4bb9vXtM91gqm31itlFmcyeqcjQ0nd8ZYL_eWD3c0IddooWI3SsR8k9Bv4imqac7HiE7RrbcHSQ1Ks2OHuK3n7IE6L3E5iKj3eFY5JWp4gY0h7CMN2fhJnJskrD-aFpBCQ6RIrw&sai=AMfl-YSkW916jIinXgttVDU_1xekxnj7GDZx4PBK4HhULMzvYwqh9W1s56PneEZ1V9EuTp_RuOh8GDtzjycWvbHEqbhQfIDcHHLMtOB5hfUXNotyvb7i9LLL2LFGzU-n&sig=Cg0ArKJSzAYdcnj3_QicEAE&cid=CAQSPABpAlJWPBgQ_9idcbexVRYjv5CQA9Tu5ljp8iRKClFqZzeWr7nq_v_psMhAgYj6WzWLYj55AOsM5PSH6RgB&id=lidar2&mcvt=1000&p=312,1240,562,1540&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1644055147&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694656111632&rpt=1100&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
checksync.php
contextual.media.net/ Frame 8E6E 		37 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ea86d646ba9ab552be0deabdf0f21933b55f65c33ae86319b29b838265774cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12314
content-type
text/html; charset=UTF-8
date
Thu, 14 Sep 2023 01:48:34 GMT
expires
Sat, 16 Sep 2023 01:48:34 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
freestar-d.openx.net/w/1.0/ Frame F523 		846 B
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/pd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9df5c584975a78539a85a05a4e935c330e5d024c67f8de13e4b9cd77a96e97ca

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
469
content-type
text/html
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ED1D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=114897
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 14 Sep 2023 01:48:34 GMT
expires
Fri, 15 Sep 2023 09:43:31 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 7286 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
03f4f7b7ed6579d6324a0dde91832ee92e593b11a4855be555682a65028ec0c8

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1074
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 01:48:33 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7BF3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.149.36 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-149-36.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Sep 2023 01:48:34 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Sep 2023 01:48:36 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
ixmatch.html
js-sec.indexww.com/um/ Frame 372F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
591
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8064f7e82e0caadd-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Sep 2023 01:48:33 GMT
expires
Thu, 14 Sep 2023 05:48:33 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D53A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Sep 2023 01:48:33 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NTFiYzY3OTEtOTIyYS00NzA3LWE0MzAtMDJlOWU2OTY4YTU5
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Protocol
H2
Server
18.139.97.117 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-97-117.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=59512d83a3
68 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=59512d83a3
Protocol
H2
Server
18.139.97.117 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-97-117.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Thu, 14 Sep 2023 01:48:08 GMT
via
1.1 f59bca6f088aed7c4e862f051be29532.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
age
26
x-cache
Hit from cloudfront
location
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=59512d83a3
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
1F4FWxl3IPdeBot8W-Urz1E-X0BwCWhB-qHTU5ujOSUifuvDqqA1gg==
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=15
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&gdpr=&gdpr_consent=
68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&gdpr=&gdpr_consent=
Protocol
H2
Server
18.139.97.117 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-97-117.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&gdpr=&gdpr_consent=
Date
Thu, 14 Sep 2023 01:48:34 GMT
Connection
keep-alive
Content-Length
200
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
bridge3.589.0_en.html
imasdk.googleapis.com/js/core/ Frame 1BEC 		722 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f10.1e100.net
Software
sffe /
Resource Hash
9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
168305
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236935
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 03:03:28 GMT
expires
Wed, 11 Sep 2024 03:03:28 GMT
last-modified
Tue, 12 Sep 2023 02:58:09 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 73E2 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 01:48:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 09A0 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 14 Sep 2023 02:33:59 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2FB2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d89c66242d96982c837c3103367c72ffcf1a67bfcbe362947042b13bb3ee18

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8064f7e87951a937-SYD
content-encoding
br
content-type
text/html
date
Thu, 14 Sep 2023 01:48:34 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N34My252EXBXUucW1VCnN77x5abS026Tjc8o155PsAQDOYSalqGCb6uF51eEHbAYYq3RrpQOpYL%2B4k57FwK8lfgFVhvKrWSWk1lRCZdLoOQiIow8oyCGDgf%2F3vPPxobNp%2B2B7a5YM%2Fg5kg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame D53A 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9fe481341c930df1c801975b234c48b8d1b3a8b5dc11252db5a39964fc697d35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Sep 2023 13:59:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43838
Connection
keep-alive
Content-Length
10523
Expires
Thu, 14 Sep 2023 13:59:11 GMT
setuid
ib.adnxs.com/prebid/ Frame 7286 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4504996329023759877773
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
an-x-request-uuid
15cdf3bd-75aa-4351-a3be-b2dd3eb37b1d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 7286 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4504996329023759877773
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
an-x-request-uuid
8f1f5ae6-2dc3-4559-801c-64ce75eacf86
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 7286
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=cac43a95-c82c-4eb6-98d7-a64822e54146&dongle=d54f&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=cac43a95-c82c-4eb6-98d7-a64822e54146&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=cac43a95-c82c-4eb6-98d7-a64822e54146&dongle=d54f&gdpr=0&gdpr_consent=
Date
Thu, 14 Sep 2023 01:48:34 GMT
Connection
keep-alive
X-CI-RTID
90925bb6-7633-4e5e-8dff-521de83f5500
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 7286
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7070083900139243263&dongle=d407&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7070083900139243263&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7070083900139243263&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame 7286
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=PR6DaPhEJScs5_0EgUF8&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KBJDMRDBKBUEK...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=PR6DaPhEJScs5_0EgUF8
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=PR6DaPhEJScs5_0EgUF8
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Sep 2023 01:48:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=PR6DaPhEJScs5_0EgUF8
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 7286
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&dongle=4430
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&dongle=4430
Date
Thu, 14 Sep 2023 01:48:34 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame 7286 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.55.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-55-205.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:34 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame 7286 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.55.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-55-205.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:34 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame 7286
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=83&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553&partner_url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3646%26xuid%3D54f4...
  • https://eb2.3lift.com/xuid?mid=3646&xuid=54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://eb2.3lift.com/xuid?mid=3646&xuid=54f426e3-d5f2-4258-b129-0dc2b4e34473-65026672-5553&dongle=1fa5&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
iu3
s.amazon-adsystem.com/ Frame 7286
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4504996329023759877773
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4504996329023759877773&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4504996329023759877773&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C3XFC46DNARXTG9CX6N8
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=4504996329023759877773&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F523
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=pxhedKI41QGBt75
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=pxhedKI41QGBt75
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-073c42d2ed4223780@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=pxhedKI41QGBt75
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F523
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZQJmcQAM9T8cEAA4
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZQJmcQAM9T8cEAA4
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-bfi-krnt7300030-BFI
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1694656114.134246,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZQJmcQAM9T8cEAA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
6
tr.blismedia.com/v1/dpusync/ Frame F523
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/openx
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=6502667195A4A796B565A0D4BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D6502667195A4A796B565...
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=6502667195A4A796B565A0D4BLIS
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia
  • https://tr.blismedia.com/v1/dpusync/6?uid=LMIIHS1V-P-5LTY
49 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/dpusync/6?uid=LMIIHS1V-P-5LTY
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://tr.blismedia.com/v1/dpusync/6?uid=LMIIHS1V-P-5LTY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
sd
jp-u.openx.net/w/1.0/ Frame F523
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=56M1mY00qBDHN006IpUN
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=56M1mY00qBDHN006IpUN
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=56M1mY00qBDHN006IpUN
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame F523 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=618bf753-57b8-80ce-e1ba-ed21e084a1b8
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.75.96.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-96-169.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
content-length
0
93fe0c17-d9c1-e8cb-da65-49808c4fd30f
pr-bh.ybp.yahoo.com/sync/openx/ Frame F523 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/93fe0c17-d9c1-e8cb-da65-49808c4fd30f?gdpr=0
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.195.178 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-195-178.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame F523 		0
0
dds
rtb.openx.net/sync/ Frame F523
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=2G_gb-Drw6wNxhPCoAEk_A==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame F523 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:35 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
sd
us-u.openx.net/w/1.0/ Frame F523
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4259837732660053759&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4259837732660053759&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4259837732660053759&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
liveView.php
live.primis.tech/live/ 		0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY5NDY1NwEkMSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE0NTY0JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPXq3ql50qXJ0oGVxnWFlrS5wo20zp3VvSWQ9q3q3LaR1paRfZWRcYXJ5LzNioSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCUlMCUlRvUlME9NSURMnW1cqGVxRGVjoG95JTIjJTJGJTIjMSUlMCUlRvUlMGFwqGy2ZSZcp0FjpD0jJaNxn3Y9JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTE2LwAhNTt0NS4kODpyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY1MDI2NwZyOWM5ZDQzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY5NDY1NwEkNDA5MSZ1nWQ9U2VenW5xo1NQoGF5ZXI2NTAlNwY2ZwM4Nwt1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50qXJ0oGVxnWFlrS5wo20yMxYzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1cnXEzpHucZD0kNwQ1NwIlODEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-19.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
7dbcZTceKi0lwtbhSDFbfO_AzJ9Z_bbv7u8apJT33glONelOOzt0Bg==
prebid
id5-sync.com/api/config/ Frame 73E2 		135 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 14 Sep 2023 01:48:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 73E2 		0
0
rid
match.adsrvr.org/track/ Frame 73E2 		108 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
78b01f529f300435bb357b3739d7cfcff5bb7b9fde2fe1ef5938f20b6fd5af0f

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 14 Oct 2023 01:48:34 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 779D 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
592
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8064f7e91ef3aadd-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Sep 2023 01:48:34 GMT
expires
Thu, 14 Sep 2023 05:48:34 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6939 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=114897
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 14 Sep 2023 01:48:34 GMT
expires
Fri, 15 Sep 2023 09:43:31 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
458249.gif
idsync.rlcdn.com/ Frame 73E2
Redirect Chain
  • https://idsync.rlcdn.com/712068.gif?partner_uid=d92a179a-512b-4bde-a7d3-e5517625d63a
  • https://idsync.rlcdn.com/1000.gif?memo=CIS7KxIwCiwIARCPoAoaJGQ5MmExNzlhLTUxMmItNGJkZS1hN2QzLWU1NTE3NjI1ZDYzYRAAGg0I8syJqAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=71eb096a0d62f02a5c309c19bc251318a1f53c3b872a4d6a0f1f53b1ab9a28ff791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3MWViMDk2YTBkNjJmMDJhNWMzMDljMTliYzI1MTMxOGExZjUzYzNiODcyYTRkNmEwZjFmNTNiMWFiOWEyOGZmNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3MWViMDk2YTBkNjJmMDJhNWMzMDljMTliYzI1MTMxOGExZjUzYzNiODcyYTRkNmEwZjFmNTNiMWFiOWEyOGZmNzkxNDI2YjU0MTdkY2UyMRAAGgwI8syJqAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=1b0e3ee4-ed50-4337-8e6d-26fede73ddc8
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=1b0e3ee4-ed50-4337-8e6d-26fede73ddc8
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=1b0e3ee4-ed50-4337-8e6d-26fede73ddc8
date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
61a0f1b13e777ee04eb4b6576c80bba
pr-bh.ybp.yahoo.com/sync/stickyads/ Frame 73E2
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/61a0f1b13e777ee04eb4b6576c80bba?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-_o9BD3BE2oOq2iiWrOy_SBOC.t3C0iwuDTgMNU5J~A
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjFhMGYxYjEzZTc3N2VlMDRlYjRiNjU3NmM4MGJiYQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEELEjc1AbK4e7EHqWeeDTBs&google_cver=1&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61a0f1b13e777ee04eb4b6576c80bba&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umw8f0c_7279619612244917751&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/61a0f1b13e777ee04eb4b6576c80bba?gdpr=0&gdpr_consent=
0
0
v1
match.sharethrough.com/sync/ Frame 73E2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4379871299077307740
68 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4379871299077307740
Protocol
H2
Server
18.139.97.117 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-97-117.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
an-x-request-uuid
fa4e5023-57de-4cd1-9a8a-b802d97a51c5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4379871299077307740
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 73E2
Redirect Chain
  • https://sync.1rx.io/usersync2/sharethrough
  • https://ad.turn.com/r/cs?pid=45&rndcb=1079788865
  • https://sync.1rx.io/usersync/turn/7430371870328882943?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
53 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:35 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
date
Thu, 14 Sep 2023 01:48:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX733db2ff97184cc697dfa1f9e154259a004
content-type
text/html
v1
match.sharethrough.com/sync/ Frame 73E2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
Protocol
H2
Server
18.139.97.117 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-97-117.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 73E2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFaG0wN0tCTTBBQUNUbEdfR253UQ&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQWE7KBM0AACRJppVvKw&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?ev=AAFQWE7KBM0AACRJppVvKw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cshr%26bee_sync_current_partner%3Dpp%...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cshr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFQWE7KBM0AACRJppVvKw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFQWE7KBM0AACRJppVvKw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dshr%26bee_sync_...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=shr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=2645321459625716905&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAFQWE7KBM0AACRJppVvKw&gdpr=0
68 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAFQWE7KBM0AACRJppVvKw&gdpr=0
Protocol
H2
Server
18.139.97.117 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-97-117.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:36 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAFQWE7KBM0AACRJppVvKw&gdpr=0
Date
Thu, 14 Sep 2023 01:48:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1BEC 		156 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2C22604498342%2C5358318%2Ffreestario&description_url=https%3A%2F%2Fwww.turtlediary.com%2F&env=vp&correlator=3962095941292120&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C213x120&unviewed_position_start=1&ad_rule=0&cust_params=prmsig%3Dmzaqqc&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=422393875&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&sid=D74E4FDC-6EF8-4E98-8B01-29DA1435E51C&a3p=EhsKDGlkNS1zeW5jLmNvbRiaxYCLqTFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAMjViZTJjN2U2ODZmNGQzZmUwZjE5YWRhNWU5YjE2ZDUzOTM4NjdlNWMyMzI4NzA5NTc5YzVjYjlmZWNjMjk2NRjZv4CLqTFIABIZCgpwdWJjaWQub3JnGOLBgIupMUgAUgIIahIXCghydGJob3VzZRi3voCLqTFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y-buAi6kxSABSAghkEj4KBW9wZW54EixleUpwSWpvaU1VcFdWa04xUkhGU1dGZDRXa3BsWkVaNk9IUjFkejA5SW4wPRj3voCLqTFIAA..&nel=0&eid=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&ref=https%3A%2F%2Fwww.turtlediary.com%2F&url=https%3A%2F%2Fwww.turtlediary.com%2F&dt=1694656114106&cookie=ID%3Dc0b2cc5414f6f0cb%3AT%3D1694656110%3ART%3D1694656110%3AS%3DALNI_MZBRQVPDt5uho-A3dgdRLQkTqfYPQ&gpic=UID%3D00000c44b62aeffb%3AT%3D1694656110%3ART%3D1694656110%3AS%3DALNI_MY3UKfVuv1rLQd8wKpvMrx_wllMhw&scor=556428876827724&ged=ve4_td3_er965.-1810.1118.-1510_vi0.0.1200.1600_vp0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9273 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77456548aec3d4af11d3d001295d61090291b8703febf0cd28e185fc79d368a5

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8064f7e94a38a937-SYD
content-encoding
br
content-type
text/html
date
Thu, 14 Sep 2023 01:48:34 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR8rL2q4MfJiy06K7bBzouhcAlr2QlQ3MgdLPn3D8XHghr4QLmOyLRDSEk7uVPNnnXwjb%2FDGISuq%2BS86qjM62D%2Foll7Zkt8CUk%2Fwz5ADguXlSM8vH3tENfk21STuaTWvg%2FsmpbsXSsY0EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
w_480_00002.ts
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		455 KB
456 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
ea72b22aea78594989668caae3743b8fe58f564d8fe8dec4b3d9e504f9f86ef4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:14:45 GMT
via
1.1 6c6707b9b2a2151353d87b53eeed3030.cloudfront.net (CloudFront), 1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW53-C1, SFO5-P1
age
5629
x-cache
Hit from cloudfront
content-length
466240
last-modified
Wed, 18 Aug 2021 02:54:41 GMT
server
nginx
etag
"7d86d92246cb78a015d14d7afb58c04f"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
ffZf7Y4IThDKMD_jx796weIzgNP4FoHmrKZmANk73p3C7ZdiHetkYw==
expires
Thu, 28 Sep 2023 00:14:45 GMT
crum
dsum-sec.casalemedia.com/ Frame 2FB2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4379871299077307740
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4379871299077307740
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqP7WfV56yBm3JX1Ew1cuEahAEhHWH1264RYOZ1QywPdMgxhJwHYxsexEVL200TnShr09ba2o2CRpzio0NX76N7F3DVPxsYTByEFdjlpDJv36lAmdj%2FRbUYgBtxyrrCq9XdM8A6NQmHNMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7eaacaaa937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
an-x-request-uuid
9e9b6ff4-cf13-4589-9f7f-b314ccf400e3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4379871299077307740
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2FB2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
54.169.195.178 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-195-178.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB
date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 2FB2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI6YU7KBM0AACR-q6IW4A&expiration=1695865714
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI6YU7KBM0AACR-q6IW4A&expiration=1695865714
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xl56oh6zBuYG8xmJ2xKK0%2BAL6kSEKj5hzdeVp1935nq4UW30xr2w5U3kyjpWw8PDKK2RR0IQuhU8Xokgw6MnIOZMQcnhepiE%2FZwGzrGnN66uY58xVycr1uGkhb1W%2BJeldwdxI42nYD6bCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7ed88d5a937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI6YU7KBM0AACR-q6IW4A&expiration=1695865714
Date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 2FB2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQJmcQAM9T8cEAA4
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQJmcQAM9T8cEAA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mWVCbqhOOQzk9mVjcdTjJfS5GWb0vICdj%2FISAa386SKQY0CO8RXBPdGX33rZsh1JFHmiMBnyb0DUaJ7iB1RvWpoklpQtKDDYeVw2UF81KaknlMKS20AxcEE1W8owqyFGxYDoENt5uN4jw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7ea7c3fa937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-bfi-krnt7300030-BFI
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1694656114.215976,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQJmcQAM9T8cEAA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
demconf.jpg
dpm.demdex.net/ Frame 2FB2
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
42 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
13.236.213.182 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-236-213-182.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

DCS
dcs-prod-apse2-2-v049-08125fbde.edge-apse2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
077MHiePTAQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-apse2-2-v049-080c1857d.edge-apse2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fkeucvw7RXE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 2FB2
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2645321459625716905&gdpr=0&gdpr_consent=
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2645321459625716905&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRPPiW4qz8m4D%2BOYLHI%2FkVnumaS44dsCRHPUh%2FTEu21abuzKzgYa%2BZtr1mwlPPyMM2GYVxjMGUOsV7bUZf%2BQ2RxFcGhTJtTl211IfCubNB7uzRBA4uBfDInMaPcnYoMtv1yEU7LniuDu8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7ea1b5aa937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2645321459625716905&gdpr=0&gdpr_consent=
date
Thu, 14 Sep 2023 01:48:33 GMT
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 2FB2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4187780138622125823
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4187780138622125823
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUjNiOGQxoKUWy6F0zxjyLNLl4re%2FCAXzJ0IvWmYTnfgq1IO9BSXvhQUQ3gRF%2BbMljAReydJc2xx8rJSc9g91zY620%2BEABrjpCgZqC42eY%2FFp6Luyc2WEaQpcdf5EonrXj7Iwsd472%2BvVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7ed3866a937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4187780138622125823
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 2FB2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVXE%2B4RABlnGj8O7092HAofOxhtqszpzOc9rJ%2B%2BYZxP%2BGOeVmwPxke%2Fy%2FrILQ8r9HaJBk%2Fq532D1psoDixvuXSiteCGyf8gzjGuLMug7wB7Z%2FPVDs6jCKcOb8eQ5WC%2BrzYcgyIXiQIoC3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7ea2b63a937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2FB2 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
18534
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8064f7e96f4daadd-SYD
content-length
43
expires
Fri, 15 Sep 2023 01:48:34 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D53A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KYBWCbN0R_-RqEukiD3x-w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KYBWCbN0R_-RqEukiD3x-w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KYBWCbN0R_-RqEukiD3x-w
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QN7NMHD3EG8MPKSZCG9T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KYBWCbN0R_-RqEukiD3x-w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D53A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Y80wzcSbT78x_sbtNPvusw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CORx_49E2oKkaSpRSv.kJ05PTCRieGfZ2Klf9g--~A
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CORx_49E2oKkaSpRSv.kJ05PTCRieGfZ2Klf9g--~A
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 14 Sep 2023 01:48:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CORx_49E2oKkaSpRSv.kJ05PTCRieGfZ2Klf9g--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame D53A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=&expires=30
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8fe62721-aec1-4b0f-a07d-1b94d52b81c8&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
s.amazon-adsystem.com/ Frame D53A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Qpn5uBcRS7-ZkyxUMm_qTw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Qpn5uBcRS7-ZkyxUMm_qTw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Qpn5uBcRS7-ZkyxUMm_qTw
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RJF4ME8VXRFKCR3JJTVM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Qpn5uBcRS7-ZkyxUMm_qTw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D53A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWU4ZGQ5ZGQyZDhlOGI3ODhmYzM2NTczMGE3NTIzZTczZDY0YmM5OA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWU4ZGQ5ZGQyZDhlOGI3ODhmYzM2NTczMGE3NTIzZTczZDY0YmM5OA
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWU4ZGQ5ZGQyZDhlOGI3ODhmYzM2NTczMGE3NTIzZTczZDY0YmM5OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D53A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDM_RW9xlSsYjgTE53qzbW8&google_cver=1
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDM_RW9xlSsYjgTE53qzbW8&google_cver=1
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDM_RW9xlSsYjgTE53qzbW8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame D53A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMIIHS1V-P-5LTY
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMIIHS1V-P-5LTY
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:35 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A8DB99A1C59B42B6B470A08BCE0AFA53 Ref B: SYD03EDGE2111 Ref C: 2023-09-14T01:48:34Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFR9/BRLJZb6GcriP4xg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMIIHS1V-P-5LTY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D53A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1JSUhTMVYtUC01TFRZ
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEImAXklDfMlHUGppMT72vpY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1JSUhTMVYtUC01TFRZ&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1JSUhTMVYtUC01TFRZ&google_push=
Protocol
H3
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1JSUhTMVYtUC01TFRZ&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
pubcid.php
hbx.media.net/ Frame 8E6E 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.59.229 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-229.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Thu, 14 Sep 2023 01:48:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 02:18:35 GMT
sync
gum.criteo.com/ Frame 8E6E 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
20c921c4ec3c7ff80a71a1f8260ffe33e8f6f86975435a2bc76e88da02dc7d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1335455
expires
60
usync.html
eus.rubiconproject.com/ Frame E60D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Sep 2023 01:48:34 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Sep 2023 01:48:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 1076
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Drkt%26refUrl%3D%26vid%3D465611429533765771228899570...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3376577122889957000V10&type=rkt&refUrl=&vid=46561142953376577122889957000V10&ovsid=2018245966358085774
227 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3376577122889957000V10&type=rkt&refUrl=&vid=46561142953376577122889957000V10&ovsid=2018245966358085774
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
227
content-type
text/html;charset=UTF-8
date
Thu, 14 Sep 2023 01:48:35 GMT
expires
Thu, 14 Sep 2023 01:48:35 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 14 Sep 2023 01:48:35 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3376577122889957000V10&type=rkt&refUrl=&vid=46561142953376577122889957000V10&ovsid=2018245966358085774
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FE00 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dpba%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=114897
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 14 Sep 2023 01:48:34 GMT
expires
Fri, 15 Sep 2023 09:43:31 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 8E6E
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=son&refUrl=&vid=46561142953376577122889957000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=son&refUrl=&vid=46561142953376577122889957000V10&ovsid=26316e79-f7fe-484b-8290-f2925053d4f6
53 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=son&refUrl=&vid=46561142953376577122889957000V10&ovsid=26316e79-f7fe-484b-8290-f2925053d4f6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:34 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-39
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=son&refUrl=&vid=46561142953376577122889957000V10&ovsid=26316e79-f7fe-484b-8290-f2925053d4f6
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 8E6E
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=a4058f6ef54253a&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D33...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=con&refUrl=&vid=46561142953376577122889957000V10&ovsid=AAANT27vaAWuAANA1MiOAAAAAAA&expiration=1694742514&is_secure=true
53 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=con&refUrl=&vid=46561142953376577122889957000V10&ovsid=AAANT27vaAWuAANA1MiOAAAAAAA&expiration=1694742514&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=con&refUrl=&vid=46561142953376577122889957000V10&ovsid=AAANT27vaAWuAANA1MiOAAAAAAA&expiration=1694742514&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame 8E6E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3376577122889957...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3376577122889957000V10&type=opx&refUrl=&vid=46561142953376577122889957000V10&ovsid=cf1503cc-e26d-4062-88fd-211bc1f78c9a
227 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3376577122889957000V10&type=opx&refUrl=&vid=46561142953376577122889957000V10&ovsid=cf1503cc-e26d-4062-88fd-211bc1f78c9a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:34 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
227
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:34 GMT

Redirect headers

date
Thu, 14 Sep 2023 01:48:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3376577122889957000V10&type=opx&refUrl=&vid=46561142953376577122889957000V10&ovsid=cf1503cc-e26d-4062-88fd-211bc1f78c9a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 8E6E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dr1%26refUrl%3D%26vid%3D46561142953376577122...
  • https://ad.turn.com/r/cs?pid=45&rndcb=6761372214
  • https://sync.1rx.io/usersync/turn/3984833381878859519?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
53 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:35 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=r1&refUrl=&vid=46561142953376577122889957000V10&ovsid=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
date
Thu, 14 Sep 2023 01:48:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX733db2ff97184cc697dfa1f9e154259a004
content-type
text/html
cksync.php
contextual.media.net/ Frame 8E6E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Ddxu%26refUrl%3D%26vid%3D46561142953376577122889...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=dxu&refUrl=&vid=46561142953376577122889957000V10&ovsid=pxhedKI41QGBt75
53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=dxu&refUrl=&vid=46561142953376577122889957000V10&ovsid=pxhedKI41QGBt75
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:34 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-08484e0868f4eb06c@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=dxu&refUrl=&vid=46561142953376577122889957000V10&ovsid=pxhedKI41QGBt75
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 8E6E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5ad7e647-26b3-46c1-a65b-3b39a5531475&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
53 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5ad7e647-26b3-46c1-a65b-3b39a5531475&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:33 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=5ad7e647-26b3-46c1-a65b-3b39a5531475&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
642844
content-length
0
expires
Thu, 14 Sep 2023 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 8E6E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bdc66407-e883-4535-97dc-d865405e8882&ssp=medianet&gdpr=0&gdpr_consent=
42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bdc66407-e883-4535-97dc-d865405e8882&ssp=medianet&gdpr=0&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.79.111.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bdc66407-e883-4535-97dc-d865405e8882&ssp=medianet&gdpr=0&gdpr_consent=
Date
Thu, 14 Sep 2023 01:48:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 8E6E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=a3VMpG-DQSOzva5Gsq4y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLBGNLE24CHFVCFCU2PPJ3GCNKHONYTI...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=a3VMpG-DQSOzva5Gsq4yhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=465611429533765771228899...
52 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=a3VMpG-DQSOzva5Gsq4yhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=46561142953376577122889957000V10&vsid=3376577122889957000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:35 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=a3VMpG-DQSOzva5Gsq4yhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=46561142953376577122889957000V10&vsid=3376577122889957000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 8E6E
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3376577122889957000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3376577122889957000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=1d26a40e-5f61-4df7-815a-249f7e5e2302&cs=1
53 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=1d26a40e-5f61-4df7-815a-249f7e5e2302&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:35 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=1d26a40e-5f61-4df7-815a-249f7e5e2302&cs=1
Date
Thu, 14 Sep 2023 01:48:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
710489.gif
id.rlcdn.com/ Frame 8E6E 		42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 8E6E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8
53 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.215.59.229 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-229.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:34 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
53
x-mnet-hl2
E
Expires
Thu, 14 Sep 2023 01:48:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8fe62721-aec1-4b0f-a07d-1b94d52b81c8
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
crum
dsum-sec.casalemedia.com/ Frame 9273
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1710380914&external_user_id=523937bd-889d-4bbd-b005-e75b74a013fa
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1710380914&external_user_id=523937bd-889d-4bbd-b005-e75b74a013fa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GKKppzeUYRjnNEQm9MUuCX9RKkqW4f8Fn5Iybq3d5w8AL8vt8UkvklaJDGeLfeX2pvzDXeellO1qW1s8W250qoqM2volwiMIpu7f9Jh5hqgao07%2FSYVvlVbNsCmiWhhi%2FiX7wi7GhY2pg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7ebce5da937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1710380914&external_user_id=523937bd-889d-4bbd-b005-e75b74a013fa
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 9273
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=62585BD686A14631B68DFA0C90655AFC
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=62585BD686A14631B68DFA0C90655AFC
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2F1nSGYCUYt1N7CUtYiMstBvH39pQiatEmrruRFi4XTU1ewz52AL8cHdfaze8MGFjLhyxoQiByFYMNMByJFFEQacuZl1zqMWsTGLFtkLalhd%2BOs1UVEFHQbr8Z1TnMXtS2PYxF3fhtNZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7eb1d78a937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=62585BD686A14631B68DFA0C90655AFC
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 13 Sep 2023 01:48:34 GMT
rum
dsum-sec.casalemedia.com/ Frame 9273
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VvsKSL_3W_1J1MHeEqGRKkLLcKM
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXhXhYC%2F2WvEor7kUjT13OGVcnbh%2FRhLQcY9KhE6Iv5rZ10KMt2kd1pm3DZAWWjJBvcfj1k76nm8e2iAntuNpKgWKYXxdWA4clPJSyKpcqtNae1eIFO%2BV%2BE%2BiCHErWjcFFp%2FnqhQWpppCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7ed0842a937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Date
Thu, 14 Sep 2023 01:48:34 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 9273
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yJl0XsiacgrTmXZfzc5pXM2VdVjTnnNemJoUHJxe
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yJl0XsiacgrTmXZfzc5pXM2VdVjTnnNemJoUHJxe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPcrdX8xben0ixt8uaDuO5mIHtaSys0afZj3c17%2FPE8Iis4q7le5GDeGMnge%2B28ZYFXvp%2FvjE4Eoj%2BdMBLeMcaZZDQrIEMek9oXt2qujW69tBN3ni3vDhG7dVrNFar4FdWNPj1wX3bC9OA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7eb5ddfa937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yJl0XsiacgrTmXZfzc5pXM2VdVjTnnNemJoUHJxe
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9273
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQJmcQAM9T8cEAA4
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQJmcQAM9T8cEAA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBBX9G89R02y3LprRQNqO3W4J5RxdZRkS0NKZAjowUTmdB7quoKW38%2F8OIFEe5BmZ030HhGwHxVuHA%2BhEqQ5vUa5l03dyfEzetqDeuoyTInHOGpBXNwn1UC%2Fwozx3lzoxzMPrqYrq8fggg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7eb7e09a937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-bfi-krnt7300030-BFI
pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1694656114.389518,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQJmcQAM9T8cEAA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 9273
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQJmcK6YaIc9CuPdC5Nm1wAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlJFCaVEU4VXN%2FeV44Z7POD3VvkfM5bOnH%2FIyYwrwr4Pz%2F8T7mA5cs3fXg3weD7GGHIWZVzwMRwuwnqqF1QoQLjKKo5YrC%2BW%2FuKyKQUHRsyGIZt42EH6Z2fY72UXkgoS0J%2Ff%2BgpyDPQ0lg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7eb1d8da937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEG7yksv3rFrw_nuPJkoMbnU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9273
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4379871299077307740
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4379871299077307740
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcGI5lWvW23r1Wd7RnbXLOgO6jHSt6YtTyRjgevpCDMj0o7eT54Id0uE%2BMKB2LmHxJwJIUzmhX8FN0BLZeZWE5aEcUutL8YeR8BPFImTc0yskJ4gd5V290b7%2BBNksezNsIXLZujOOFWIUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7ebce5fa937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
an-x-request-uuid
ff3fd994-9f26-4d0b-9593-a37d7a2ba73d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4379871299077307740
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9273
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=e2eacde4ba85ddbf00a5bdad6c78b58b
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=e2eacde4ba85ddbf00a5bdad6c78b58b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOYNdE2izhQZToE60E3MCsgSqS7wu7Yc7KGYYUwM0UftrDe2amYTDpD7M20l28earn6YrbcBJzbPbcfDPynqa8%2BYJ73qch5%2FZOPxQQv3vGx7LrWkzqra%2Fw2HD2TPvTYbt95u4oNX2dcE8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8064f7edd937a937-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 14 Sep 2023 01:48:34 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=e2eacde4ba85ddbf00a5bdad6c78b58b
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9273 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZQJmcK6YaIc9CuPdC5Nm1wAA%264689
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:34 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
18534
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8064f7ea888baadd-SYD
content-length
43
expires
Fri, 15 Sep 2023 01:48:34 GMT
usync.js
eus.rubiconproject.com/ Frame E60D 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9fe481341c930df1c801975b234c48b8d1b3a8b5dc11252db5a39964fc697d35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Sep 2023 13:59:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43837
Connection
keep-alive
Content-Length
10523
Expires
Thu, 14 Sep 2023 13:59:11 GMT
cksync.php
contextual.media.net/ Frame E60D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LMIIHS1V-P-5LTY
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LMIIHS1V-P-5LTY
53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LMIIHS1V-P-5LTY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 01:48:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 14 Sep 2023 01:48:34 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LMIIHS1V-P-5LTY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
w_480_00003.ts
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		421 KB
422 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
f458200d8fd2c5da54be615e32a663c99cb7a007fe887cfe9c9c405c3ea31c13

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:14:46 GMT
via
1.1 2684a624055735139ca3901fdc6d3742.cloudfront.net (CloudFront), 1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, SFO5-P1
age
5628
x-cache
Hit from cloudfront
content-length
431272
last-modified
Wed, 18 Aug 2021 02:54:41 GMT
server
nginx
etag
"3a2e81a8092b7bdc15fd99e2eca5dbcf"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
xMw3dxjfkPkXiSjs8yy2UYQNHrGZpWApdXAe6NgLuC3h2leamA-MBw==
expires
Thu, 28 Sep 2023 00:14:46 GMT
async_usersync
ib.adnxs.com/ Frame 7BF3 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
an-x-request-uuid
3f9f3a20-48d9-498e-98c5-31a7a56229c1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 73E2 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
b52483c3e5c1dc154cba8f212f8606ee669b89dfe02d4e9ec4b15f49ed1117b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
tap.php
pixel.rubiconproject.com/ Frame E60D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFQWE7KBM0AACRJppVvKw&expires=30
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFQWE7KBM0AACRJppVvKw&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFQWE7KBM0AACRJppVvKw&expires=30
Date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame E60D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LMIIHS1V-P-5LTY
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LMIIHS1V-P-5LTY
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D793790479%26rnd%3D1831884150&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=793790479&rnd=1831884150&pcid=4379871299077307740
  • https://x.bidswitch.net/sync?ssp=sekindo&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1267919208%26mi%3D10%26csh%3D793790479%3B1709765917%26rnd%3D10...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1267919208%26mi%3D10%26csh%3D793790479%3B1709765917%26rnd%3D107371069%26pcid%3D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 01:48:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:35 GMT
via
1.1 6defb821ef88eaf5ac6c82035b5646e2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
location
https://x.bidswitch.net/sync?ssp=sekindo&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1267919208%26mi%3D10%26csh%3D793790479%3B1709765917%26rnd%3D107371069%26pcid%3D
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
YV0GCtdrJYxyHfMvrjmxALHelZEqukKK5woSlwq5wnctbuuvzMriDw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58160/ Frame E60D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LMIIHS1V-P-5LTY&redir=true
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LMIIHS1V-P-5LTY&redir=true
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LMIIHS1V-P-5LTY&redir=true
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
receive
pixel.tapad.com/idsync/ex/ Frame E60D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LMIIHS1V-P-5LTY
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LMIIHS1V-P-5LTY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:35 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LMIIHS1V-P-5LTY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
ib.adnxs.com/prebid/ Frame E60D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LMIIHS1V-P-5LTY
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LMIIHS1V-P-5LTY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
an-x-request-uuid
c1fb89f3-955a-4f81-8707-4f31d2bea747
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LMIIHS1V-P-5LTY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E60D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=04b5448b-5f47-4bdd-b1f8-4c0eedfda15d&expires=30
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=04b5448b-5f47-4bdd-b1f8-4c0eedfda15d&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=04b5448b-5f47-4bdd-b1f8-4c0eedfda15d&expires=30
Date
Thu, 14 Sep 2023 01:48:34 GMT
Connection
keep-alive
X-CI-RTID
1bfe40b1-6987-442d-b36b-518c716df2e6
Content-Length
144
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame E60D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=1636984531879615243
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=1636984531879615243
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=1636984531879615243
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame E60D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=VvsKSL_3W_1J1MHeEqGRKkLLcKM
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Date
Thu, 14 Sep 2023 01:48:34 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
log
c21lg-d.media.net/ Frame 8E6E 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=Cvx1_eDUZbZ9ZCf_zuBMp9mXNa7OR_to&cs=15&vsid=3376577122889957000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.215.59.229 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:35 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 14 Sep 2023 01:48:35 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 88AB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=114897
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 14 Sep 2023 01:48:34 GMT
expires
Fri, 15 Sep 2023 09:43:31 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csi
csi.gstatic.com/ Frame 1BEC 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmiihu9h&c=2290125905275&slotId=1145062952637.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w_480_00004.ts
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		489 KB
490 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
c8b85ec9741f37ecedb6bc555e6db7eb567fef3b0751210706448a5c82cb0079

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:14:47 GMT
via
1.1 a553956551fbf0c4a86ccb4e98efd3ca.cloudfront.net (CloudFront), 1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW53-C1, SFO5-P1
age
5626
x-cache
Hit from cloudfront
content-length
500268
last-modified
Wed, 18 Aug 2021 02:54:41 GMT
server
nginx
etag
"1663ba0ee9d54e5c8b43f360400a8a80"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
UMBn6-1CwM75FgmKV64CeYoNlbBX3A-UO11cbGXGpDUWw77_wSu-MQ==
expires
Thu, 28 Sep 2023 00:14:47 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://cms.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0&gdpr=&gdpr_consent=&us_privacy=&redir=
  • https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=DBo6DQwZPFkXGjgMCU0nDwkWOwsXHT0NXBkErh93
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=DBo6DQwZPFkXGjgMCU0nDwkWOwsXHT0NXBkErh93
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=DBo6DQwZPFkXGjgMCU0nDwkWOwsXHT0NXBkErh93
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
w_480_00005.ts
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		455 KB
456 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
4746ac75838ac38710b85ab982f224dd90fc8fb3d6fabbf7a609947f0f2e98c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:14:49 GMT
via
1.1 42d3518040c55e24793897f7f5d5f342.cloudfront.net (CloudFront), 1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, SFO5-P1
age
5625
x-cache
Hit from cloudfront
content-length
465488
last-modified
Wed, 18 Aug 2021 02:54:41 GMT
server
nginx
etag
"fdc10ed9032e50f45cc76718a04074e4"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
kNSXubkiXqw6-M0NxWgM74p4gezJqLo2jsjb1CtN9nDpteXJvPKKHA==
expires
Thu, 28 Sep 2023 00:14:49 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame DA86 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159196&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
s2s.t13.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=4379871299077307740
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=4379871299077307740
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:35 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:35 GMT
an-x-request-uuid
5266d485-932f-4710-8ce7-1c60e8e23f8f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=4379871299077307740
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 1BEC 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmiihuoh&c=2290125905275&slotId=1145062952637.5&ghmsh_eids=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
212.json
id5-sync.com/g/v2/ Frame 73E2 		635 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_13.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
d3eee9c3a0af8e05fc738d3afa3c9dcfc168a799ff84fa35550aa482f1f7cb02
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Sep 2023 01:48:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
async_usersync
ib.adnxs.com/ Frame 7BF3 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 01:48:35 GMT
an-x-request-uuid
128354d9-d654-46b5-9f6b-15144d6d828f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
log
c21lg-d.media.net/ Frame 8E6E 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=1ed22a37-c311-4f55-a6ed-c0e2da8522d9&cs=15&vsid=3376577122889957000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C201%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.215.59.229 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 01:48:35 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 14 Sep 2023 01:48:35 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame DA86 		836 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53571787&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
165eda9f4a7864be05146423f7a3e79bc38c5f5b09aa1c267aac96a28c1b025f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 14 Sep 2023 01:48:35 GMT
content-length
836
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 76EF 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B115E008-E131-42D6-BFAC-2E49AC5E28A3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 14 Sep 2023 01:48:35 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 7259
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245966358085774
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245966358085774
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 00:32:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 14 Sep 2023 01:48:35 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245966358085774
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 94E1
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1504602227
  • https://sync.1rx.io/usersync/tradedesk/8fe62721-aec1-4b0f-a07d-1b94d52b81c8
  • https://sync.targeting.unrulymedia.com/csync/RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Sep 2023 01:48:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 14 Sep 2023 01:48:36 GMT
etag
RX733db2ff97184cc697dfa1f9e154259a004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame 874F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:62585BD686A14631B68DFA0C90655AFC&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:62585BD686A14631B68DFA0C90655AFC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 01:48:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 14 Sep 2023 01:48:35 GMT
expires
Wed, 13 Sep 2023 01:48:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:62585BD686A14631B68DFA0C90655AFC&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
getuid
sync.smartadserver.com/ Frame C285
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D79379...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=793790479&rnd=1075362375&pcid=f09c8ce3-052b-4271-afd7-c9569f505d53
  • https://ads.yieldmo.com/pbsync?redirectUri=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1868283820%26mi%3D10%26csh%3D793790479%3B1486637409%26rnd%3D-4...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1868283820&mi=10&csh=793790479;1486637409&rnd=-481747917&pcid=3RiEKkZCCAZthjlkRpSu
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D793790479%3B1486637409%3B1868283820%26rnd%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=793790479;1486637409;1868283820&rnd=1446596794&pcid=4504996329023759877773
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1881119486%26mi%3D10%26csh%3D793790479%3B1486637409%3B186828382...
  • https://sync.smartadserver.com/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=793790479;1486637409;1868283820;259151345&rnd=1264497559&pci...
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=793790479;1486637409;1868283820;259151345&rnd=1264497559&pcid=[sas_uid]&cklb=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Thu, 14 Sep 2023 01:48:38 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Thu, 14 Sep 2023 01:48:38 GMT
location
https://sync.smartadserver.com:443/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=793790479;1486637409;1868283820;259151345&rnd=1264497559&pcid=[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
396846.gif
idsync.rlcdn.com/ Frame DA86
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=52ff1535-842a-4ce2-b4cb-df864a837f9e
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=52ff1535-842a-4ce2-b4cb-df864a837f9e
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:36 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 14 Sep 2023 01:48:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=52ff1535-842a-4ce2-b4cb-df864a837f9e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame ED1D 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23365652&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 14 Sep 2023 01:48:37 GMT
content-length
47
content-type
text/html; charset=UTF-8
cksync.php
contextual.media.net/ Frame 70A0 		53 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=pba&refUrl=&vid=46561142953376577122889957000V10&ovsid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dpba%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
53
content-type
image/gif
date
Thu, 14 Sep 2023 01:48:38 GMT
expires
Thu, 14 Sep 2023 01:48:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
cksync.php
contextual.media.net/ Frame BE4D 		53 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3376577122889957000V10&type=pba&refUrl=&vid=46561142953376577122889957000V10&ovsid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3376577122889957000V10%26type%3Dpba%26refUrl%3D%26vid%3D46561142953376577122889957000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.64.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
53
content-type
image/gif
date
Thu, 14 Sep 2023 01:48:38 GMT
expires
Thu, 14 Sep 2023 01:48:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
setuid
s2s.t13.io/ Frame 3B74 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 14 Sep 2023 01:48:37 GMT
expires
0
pragma
no-cache
via
1.1 google
setuid
s2s.t13.io/ Frame 2D4F 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=B115E008-E131-42D6-BFAC-2E49AC5E28A3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 14 Sep 2023 01:48:37 GMT
expires
0
pragma
no-cache
via
1.1 google
SPug
simage4.pubmatic.com/AdServer/ Frame DA86 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159196&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 01:48:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
chunklist_480.m3u8
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		4 KB
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
7a91097461d32cfdd134c7c3c7aa383a8829cca521b7512313c71f88878f5df9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:15:40 GMT
via
1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront), 1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
EWR53-C1, SFO5-P1
age
5635
x-cache
Hit from cloudfront
last-modified
Wed, 18 Aug 2021 02:54:36 GMT
server
nginx
etag
W/"3a22383fa4b0ca37c72e21292f9548d9"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
x-amz-cf-id
MD3_E5lUIH2xiMNV9gPOcFOtL_nBcpD_-_aWwkJVI4oQeM2UHUGaxg==
expires
Fri, 15 Sep 2023 00:14:44 GMT
w_480_00000.ts
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		511 KB
512 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
ec06a4cad7d5e6320186d0a86a79ec0385e8b745a6fc4bde481bebf3e034979e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:14:44 GMT
via
1.1 507f0bab9a1278d1632051db230c99d4.cloudfront.net (CloudFront), 1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, SFO5-P1
age
5635
x-cache
Hit from cloudfront
content-length
522828
last-modified
Wed, 18 Aug 2021 02:54:41 GMT
server
nginx
etag
"8e964fb9bc7b8ae24d0aeed55c231784"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
uqJxgjxwIbxg5aM453VV1M6F_FR20beK7COidOe6HNMog59eGJJWJg==
expires
Thu, 28 Sep 2023 00:14:44 GMT
530c0eba-74a5-48b9-8aed-3d110a228113
https://www.turtlediary.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.turtlediary.com/530c0eba-74a5-48b9-8aed-3d110a228113
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
w_480_00001.ts
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		518 KB
519 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.246.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-246-94.sfo5.r.cloudfront.net
Software
nginx /
Resource Hash
d45b9c6e91a5cd516be16f868c707a2620053dd93953de6e8c8268d4d8bd6589

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:14:44 GMT
via
1.1 211912bcb39f8118d808b48c08a800ea.cloudfront.net (CloudFront), 1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW53-C1, SFO5-P1
age
5634
x-cache
Hit from cloudfront
content-length
530724
last-modified
Wed, 18 Aug 2021 02:54:41 GMT
server
nginx
etag
"b79bb0173056072b24573de51a3c0174"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
jBbMsONTW9EImvvZ8-b1BBxkfCgYTNoeZCy6Z2-wt27JmSWRJwhBgQ==
expires
Thu, 28 Sep 2023 00:14:44 GMT
w_480_00002.ts
video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-_o9BD3BE2oOq2iiWrOy_SBOC.t3C0iwuDTgMNU5J~A
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/stickyads/61a0f1b13e777ee04eb4b6576c80bba?gdpr=0&gdpr_consent=
Domain
video.primis.tech
URL
https://video.primis.tech/uploads/cn22/video/users/hls/24485/video1516546936/vid5db1bf203d874232205358.mp4/w_480_00002.ts

Verdicts & Comments Add Verdict or Comment

343 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture function| setJSCookie function| getJSCookie function| deleteJSCookie function| ReadCookie object| userDetails string| cookie_login undefined| cookie_app string| modulePath boolean| isPaidMember object| memberDetails string| cookie_member string| gameMode string| userContentBlock string| base_url string| configProtocol string| configProtocol_no_https object| freestar string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer function| searchDis object| body string| logedInUserName string| defaultNameForNonLogUser string| loggedInUserAvatar string| defaultAvatarForUser function| $ function| jQuery number| gPositionScroll_priorScroll object| menu object| button object| dropdown object| menu2 object| button2 object| dropdown2 object| menu3 object| button3 object| dropdown3 object| menu4 object| button4 object| dropdown4 object| menu5 object| button5 object| dropdown5 object| menu6 object| button6 object| dropdown6 object| classie string| nextGame function| forFreeAndBasic string| invites function| admiral object| googletag object| regeneratorRuntime object| fsdata object| _comscore object| fsprebid object| COMSCORE object| ns_p function| load_script object| confiant function| _hadron object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| fsprebidChunk object| _pbjsGlobals object| mnet object| google_tag_manager function| onYouTubeIframeAPIReady function| 4dm1r11545242527 function| io object| gameUserData string| clientUsername function| Client object| clientConnection object| clientSocket object| obj object| hadron boolean| __halo_loaded__ object| blockedCountry object| allowedCountry object| blockedModulePathPopup object| blockedModulePathRelative number| upgradeMemberInterval number| cookieTimeout undefined| userCountry boolean| blockable boolean| blockableCountry number| incrContentCount object| labelOtherUs object| blockContentCount string| module function| setBlockContent function| blockContent function| applyGeoBasedBlocking function| callUpgradeMember function| daydiffJS function| closeUpgradeMember function| upgradeMember function| inArrayJS boolean| isMobile boolean| isIOS boolean| isiPad function| get_browser string| gameFramework string| currentUrl string| worksheetPng object| QueryString object| activity object| loadAfterJQuery undefined| rd function| redirectMember function| _extends function| _typeof function| LazyLoad function| centeredPopup function| centeredReportPopup string| imageurl function| popitup function| senddata function| mobileAndTabletcheck function| scaleKeyboard function| dotdotdot function| ucfirst function| UrlExists function| worksheetPreview function| dextopTab function| mobileTab function| menuTabView function| sideMnu function| addToFav function| userRating function| setupMapGame function| setHeightWidth function| mapGameHeightAdj function| player100p function| player_625 function| player100p_sheet function| scrollableAdsHeight function| reloadAdsIfRequire function| openLoginOverlay function| noTBtm function| fixed4Res function| lftFltrMnu function| showSeeAllCommonCore undefined| consolePass undefined| typedPass function| setTG_tab function| GetIEVersion function| getCookieTG function| resetTG_tab function| sentenceCase function| callCreateAssignList object| jQuery1113046864514660198586 function| loadAfterJQueryFunc number| getJQueryJsInterval string| currentModulePath undefined| userNameApp function| currentPdfUrl object| ggeac object| google_js_reporting_queue object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt undefined| google_measure_js_timing object| au boolean| __bt_already_invoked function| html2canvas function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array boolean| sekindoFlowingPlayerOn object| _qevents object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 function| setImmediate function| clearImmediate object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement object| PrimisApiConfig function| constructsekindoParent8 object| pbjs function| quantserve function| __qc object| ezt object| _qoptions number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo object| Criteo_identitytag_141 object| GoogleGcLKhOms object| freewheelssp_cache object| google_image_requests number| google_global_correlator object| closure_lm_501203

220 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ9MeAi6kxCgoIgQIQu9qAi6kxCgoI4gEQ9MeAi6kxCgoI5gEQ9MeAi6kxCgoIhwIQ9MeAi6kxCgkISRC72oCLqTEKCQgLELvagIupMQoKCIwCEPTHgIupMQoKCKwCELvagIupMQoKCK0CELvagIupMQoKCM4BELvagIupMQoKCJECELvagIupMQoKCJICELvagIupMQoKCLQCEPTHgIupMQoKCLcCEPTHgIupMQoJCDoQ9MeAi6kxCgkIGxC72oCLqTEKCgjeARC72oCLqTEKCQhfEPTHgIupMQoJCB8Q9MeAi6kx
.pub.network/ Name: _fsuid
Value: 80b5d8df-f9b3-4e64-bcf7-9444b83849fe
.turtlediary.com/ Name: _gid
Value: GA1.2.113130241.1694656108
.turtlediary.com/ Name: _gat
Value: 1
.turtlediary.com/ Name: _ga_W1C8HMBE0D
Value: GS1.1.1694656108.1.0.1694656108.0.0.0
.turtlediary.com/ Name: _ga
Value: GA1.1.1672199384.1694656108
.scorecardresearch.com/ Name: UID
Value: 1F3c49612fa3fc1c97e1e631694656108
.turtlediary.com/ Name: typingGameLevel
Value: Beginner
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: KfWH3GGccn
www.turtlediary.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.turtlediary.com/ Name: cookie
Value: a71443ad-88e2-4326-907f-68c17113764c
.adsrvr.org/ Name: TDID
Value: 8fe62721-aec1-4b0f-a07d-1b94d52b81c8
.turtlediary.com/ Name: lotame_domain_check
Value: turtlediary.com
.openx.net/ Name: i
Value: d495550a-e0ea-4575-b164-979d173f2dbb|1694656110
.sharethrough.com/ Name: stx_user_id
Value: d92a179a-512b-4bde-a7d3-e5517625d63a
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: adf7827012baa0ff6ccefbcf6b16666b
.turtlediary.com/ Name: _awl
Value: 2.1694656110.5-d9509389d43b17320188495600c49c57-6763652d617369612d6561737431-0
.turtlediary.com/ Name: _cc_id
Value: adf7827012baa0ff6ccefbcf6b16666b
.turtlediary.com/ Name: panoramaId_expiry
Value: 1695260910454
.turtlediary.com/ Name: panoramaId
Value: 25be2c7e686f4d3fe0f19ada5e9b16d5393867e5c2328709579c5cb9fecc2965
.turtlediary.com/ Name: panoramaIdType
Value: panoIndiv
.intentiq.com/ Name: intentIQCDate
Value: 1694656110548
.intentiq.com/ Name: ASDT
Value: 0
.openx.net/ Name: univ_id
Value: 537072971|8fe62721-aec1-4b0f-a07d-1b94d52b81c8|1694656110639116
.ladsp.com/ Name: cr
Value: 1
.primis.tech/ Name: csuuid
Value: 6502666e9c9d4
.ladsp.com/ Name: smn_uid
Value: 5ABv95oxoO92pDraN4y6_Q-z97yU38g
.ladsp.com/ Name: lum
Value: CK3BgIupMRIFCAMQ0AU
.rubiconproject.com/ Name: khaos
Value: LMIIHS1V-P-5LTY
.quantserve.com/ Name: mc
Value: 6502666f-5233b-03914-272f6
.turtlediary.com/ Name: __qca
Value: P0-942128272-1694656110820
.doubleclick.net/ Name: IDE
Value: AHWqTUkwrvoTOBibZZyQhFBKJ7LUewAMecISQeWFG2lqPZWTBwKQuEMfH20DjUDwR5I
.3lift.com/ Name: tluid
Value: 4504996329023759877773
.turtlediary.com/ Name: __gads
Value: ID=c0b2cc5414f6f0cb:T=1694656110:RT=1694656110:S=ALNI_MZBRQVPDt5uho-A3dgdRLQkTqfYPQ
.turtlediary.com/ Name: __gpi
Value: UID=00000c44b62aeffb:T=1694656110:RT=1694656110:S=ALNI_MY3UKfVuv1rLQd8wKpvMrx_wllMhw
.criteo.com/ Name: uid
Value: 5ad7e647-26b3-46c1-a65b-3b39a5531475
.turtlediary.com/ Name: cto_bidid
Value: 8aiAiF80TkVFZGdPcjFHOU9CZWRKN2EwcCUyRmNsVHd4YmklMkJhSHhYbjBkbktiWnclMkZGNFRvcjNtRjNzcHo0Rnl5UG51YyUyQjNyYlFHaVdEUXQ0bEtGRUhsS0k4WkRBJTNEJTNE
.casalemedia.com/ Name: CMID
Value: ZQJmcK6YaIc9CuPdC5Nm1wAA
.casalemedia.com/ Name: CMPS
Value: 4689
.casalemedia.com/ Name: CMPRO
Value: 4689
.adnxs.com/ Name: uuid2
Value: 4379871299077307740
.turtlediary.com/ Name: cto_bundle
Value: htS6kl9pVjklMkI3dEQzbU1SNnd3JTJCJTJCRWlXSjZ4M1FvJTJCb3hVMFlOUVhORG9ISWZZQ0E4d1Rwb0R0JTJGZ0xzR2Iyc3RNdXFkWXVxSW1kMmkyJTJGZ2NMa2glMkZidk1sdUdyd3laSHlwM0ljRnpha3hxMFVwTXJ5U2U0ZWt3Y0xhdW4zeGg5Q2c0alE5bFNQU3FiJTJGa0IwNkdZT2FnSndyd3BBJTNEJTNE
.bing.com/ Name: MUID
Value: 1F7D9BA4BD6763E524008828BCF662D4
.c.bing.com/ Name: MR
Value: 0
.linkedin.com/ Name: li_sugr
Value: 7c28b6ef-59e4-4db4-ab0d-6f807bbf071a
.linkedin.com/ Name: bcookie
Value: "v=2&e6e2b2a7-0116-41fd-892f-582d50d74d9a"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2999:u=1:x=1:i=1694656112:t=1694742512:v=2:sig=AQH50pjjUsgIQvRDqWDj7QJUn5FtOZn4"
.bidswitch.net/ Name: c
Value: 1694656112
.bidswitch.net/ Name: tuuid_lu
Value: 1694656112
.bidswitch.net/ Name: tuuid
Value: bdc66407-e883-4535-97dc-d865405e8882
.ads.stickyadstv.com/ Name: UID
Value: 61a0f1b13e777ee04eb4b6576c80bba
.yahoo.com/ Name: A3
Value: d=AQABBHBmAmUCEME2f5IngtKOaiItWnhf7BQFEgEBAQG3A2UMZQAAAAAA_eMAAA&S=AQAAAnizLV70dyKl9ZdwMp3MYAQ
.csync.loopme.me/ Name: viewer_token
Value: 81c2e6a4-6474-4c10-b9f7-e669dfb399c8
.media.net/ Name: data-pri
Value: 6502666e9c9d4~~34
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B115E008-E131-42D6-BFAC-2E49AC5E28A3
.reemo-ad.jp/ Name: deviceIdentifier
Value: XZrQyDCOnPwIxapDQYbbhoYImguBrjlX
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.tremorhub.com/ Name: tvid
Value: a8b0d85a9b1d48b49f2468953e3b288a
.media.net/ Name: visitor-id
Value: 3376577122889957000V10
.media.net/ Name: data-g
Value: CAESEP4Qeza85NyJLlZhDKwFSUQ~~3
ads.playground.xyz/ Name: connect.sid
Value: s%3AMntpKgVDjJVf7HPt7g8A_Yg6qWSFd3mv.vBdYpGfIBIfimTQKej%2F96tcbDn7bXIO6xVgdpw90OM0
.lijit.com/ Name: ljt_reader
Value: HUTsRTZHzRTZdkvfSduSfRMV
.ctnsnet.com/ Name: cid_d31b7a23f29a4eeab6a79cd421f336fe
Value: 1
.ctnsnet.com/ Name: cid_961cc07b6965420db4bf677d85ff489b
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1694656113083
.tapad.com/ Name: TapAd_DID
Value: 0bf384ec-3e55-4143-b8a3-c95771ca98f2
.tremorhub.com/ Name: tvssa
Value: 1694656113103
.gammaplatform.com/ Name: _aGeoIp
Value: US|Greenwood_Village
.gammaplatform.com/ Name: _aUID
Value: zds0bu1aqbzg
.simpli.fi/ Name: suid
Value: 62585BD686A14631B68DFA0C90655AFC
.lijit.com/ Name: ljtrtbexp
Value: eJxdjbkNACAIRXehtpAbXM24u4mxgfL9cwMaLLTUMHXkATErp1emFpdmc%2FN7%2FTPZzDef%2F0BcSJ9SFs8FUcMghg%3D%3D
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 11kne88azrjt
.tribalfusion.com/ Name: ANON_ID
Value: acntuJr2PKdFuYnRXqnA7poPZbJo9nA1DZa1gTvj3QZbuTseBZcZcn5LUpeQTrBQ3D0Zbq65tYjY7ejDRDWiITVlMuy4jW
.w55c.net/ Name: wfivefivec
Value: pxhedKI41QGBt75
.blismedia.com/ Name: b
Value: 6502667195A4A796B565A0D4BLIS
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6169
.w55c.net/ Name: matchpubmatic
Value: 5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZQJmcQAM9T8cEAA4
.lijit.com/ Name: _ljtrtb_27
Value: 8fe62721-aec1-4b0f-a07d-1b94d52b81c8
.smartadserver.com/ Name: pid
Value: 2645321459625716905
.c.appier.net/ Name: _auid
Value: c_-cTYnxAzadpf14cWYCZQ
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-11kne88azrjt
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4379871299077307740&KRTB&23339-4379871299077307740
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-8fe62721-aec1-4b0f-a07d-1b94d52b81c8&KRTB&22918-8fe62721-aec1-4b0f-a07d-1b94d52b81c8&KRTB&23031-8fe62721-aec1-4b0f-a07d-1b94d52b81c8
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-d31b7a23f29a4eeab6a79cd421f336fe&KRTB&23328-d31b7a23f29a4eeab6a79cd421f336fe&KRTB&23427-d31b7a23f29a4eeab6a79cd421f336fe&KRTB&23445-d31b7a23f29a4eeab6a79cd421f336fe
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENwh-2kP4iZ4oWEpEPEjPVw&KRTB&23025-CAESENwh-2kP4iZ4oWEpEPEjPVw&KRTB&23386-CAESENwh-2kP4iZ4oWEpEPEjPVw
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-zds0bu1aqbzg&KRTB&23446-zds0bu1aqbzg&KRTB&23465-zds0bu1aqbzg
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-C91bGgveXU4Q3VkbDopGGA7RWhwQ2lwaW96lXASA&KRTB&19420-C91bGgveXU4Q3VkbDopGGA7RWhwQ2lwaW96lXASA&KRTB&22979-C91bGgveXU4Q3VkbDopGGA7RWhwQ2lwaW96lXASA&KRTB&23403-C91bGgveXU4Q3VkbDopGGA7RWhwQ2lwaW96lXASA
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:pxhedKI41QGBt75&KRTB&23421-uid:pxhedKI41QGBt75
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a.DAAhdU3i%2F4UTt58rfqjraIBWX5bM6c92LQ8Yt7fgnIY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a.DAAhdU3i%2F4UTt58rfqjraIBWX5bM6c92LQ8Yt7fgnIY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVvsKSL_3W_1J1MHeEqGRKkLLcKM.z1G8An9qcnpXMQzy6STyVc8%2FOZFgRSVu%2F%2Bqc7hN1nOc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVvsKSL_3W_1J1MHeEqGRKkLLcKM.z1G8An9qcnpXMQzy6STyVc8%2FOZFgRSVu%2F%2Bqc7hN1nOc
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACJTjfKtZTEMi-Kw-uyeoeOpw1iQ8srx7YQS1NrwhUmEHwYBCDxzImoBjABOgRnmJPjQgQ3LlAS.p8iS%2BeztVlkpSBwkvK2cAC4r0LSRZBM17CyrWTtGk%2BA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACJTjfKtZTEMi-Kw-uyeoeOpw1iQ8srx7YQS1NrwhUmEHwYBCDxzImoBjABOgRnmJPjQgQ3LlAS.p8iS%2BeztVlkpSBwkvK2cAC4r0LSRZBM17CyrWTtGk%2BA
.adx.opera.com/ Name: UID
Value: OPU489c8cb04f91409dbb7572840d533805
.socdm.com/ Name: SOC
Value: ZQJmcMCo5tIAAE9FkxwAAAAA
.lijit.com/ Name: _ljtrtb_2
Value: 62585BD686A14631B68DFA0C90655AFC
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-c_-cTYnxAzadpf14cWYCZQ
.sportradarserving.com/ Name: c
Value: 1694656113
.sportradarserving.com/ Name: zuuid_lu
Value: 1694656113
.sportradarserving.com/ Name: zuuid
Value: 0bc62ef8-a900-415e-a8df-5e231d2f7482
.adform.net/ Name: uid
Value: 1636984531879615243
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-VvsKSL_3W_1J1MHeEqGRKkLLcKM&KRTB&23334-VvsKSL_3W_1J1MHeEqGRKkLLcKM&KRTB&23417-VvsKSL_3W_1J1MHeEqGRKkLLcKM&KRTB&23426-VvsKSL_3W_1J1MHeEqGRKkLLcKM
.adgrx.com/ Name: ADGRX_UID
Value: d059c4b0-52a0-11ee-9e0c-a3ac6c916c1d
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU489c8cb04f91409dbb7572840d533805&KRTB&23485-OPU489c8cb04f91409dbb7572840d533805&KRTB&23524-OPU489c8cb04f91409dbb7572840d533805
.lijit.com/ Name: _ljtrtb_84
Value: c:660de2c5071f8506e774ec455a572246
.openx.net/ Name: pd
Value: v2|1694656110.3|lYvOjEiuhI.iavysnuIjIvGlQkqlUvH
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1694656113
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8910062125720193014&KRTB&23263-8910062125720193014&KRTB&23481-8910062125720193014
www.turtlediary.com/ Name: _lr_retry_request
Value: true
www.turtlediary.com/ Name: _lr_env_src_ats
Value: false
.googleadservices.com/ Name: ar_debug
Value: 1
www.turtlediary.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%228fe62721-aec1-4b0f-a07d-1b94d52b81c8%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-08-14T01%3A48%3A34%22%7D
www.turtlediary.com/ Name: pbjs-unifiedid_last
Value: Thu%2C%2014%20Sep%202023%2001%3A48%3A34%20GMT
.demdex.net/ Name: demdex
Value: 07727161867432930271443792541906133394
.dpm.demdex.net/ Name: dpm
Value: 07727161867432930271443792541906133394
.smaato.net/ Name: SCM
Value: 59512d83a3
.smaato.net/ Name: SCMs
Value: 59512d83a3
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-d059c4b0-52a0-11ee-9e0c-a3ac6c916c1d&KRTB&23275-d059c4b0-52a0-11ee-9e0c-a3ac6c916c1d
.w55c.net/ Name: matchmedianet
Value: 5
.w55c.net/ Name: matchopenx
Value: 5
.media.net/ Name: data-xu
Value: pxhedKI41QGBt75~~8
.media.net/ Name: data-o
Value: cf1503cc-e26d-4062-88fd-211bc1f78c9a~~8
.r-ad.ne.jp/ Name: r_ad_token
Value: 56M1mY00qBDHN006IpUN
.company-target.com/ Name: tuuid
Value: 523937bd-889d-4bbd-b005-e75b74a013fa
.company-target.com/ Name: tuuid_lu
Value: 1694656114|ix:0
.media.net/ Name: data-ttd
Value: 8fe62721-aec1-4b0f-a07d-1b94d52b81c8~~1
.media.net/ Name: data-r
Value: LMIIHS1V-P-5LTY~~1
.media.net/ Name: data-c
Value: 5ad7e647-26b3-46c1-a65b-3b39a5531475~~1
.media.net/ Name: data-c-ts
Value: 1694656114
.sitescout.com/ Name: ssi
Value: 54f426e3-d5f2-4258-b129-0dc2b4e34473#1694656114214
.sitescout.com/ Name: _ssuma
Value: eyIyNiI6MTY5NDY1NjExNDQ2OCwiMzkiOjE2OTQ2NTYxMTQ0NjgsIjciOjE2OTQ2NTYxMTQ0Njh9
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY5NDY1NjExNCwib3BlbngiOjE2OTQ2NTYxMTB9
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMJ34GzC_34QMjSScsAAAAAAA&KRTB&22713-AAAMJ34GzC_34QMjSScsAAAAAAA&KRTB&22715-AAAMJ34GzC_34QMjSScsAAAAAAA&KRTB&23519-AAAMJ34GzC_34QMjSScsAAAAAAA
.pippio.com/ Name: did
Value: gyJxbzJL4vG5o7Yj
.pippio.com/ Name: didts
Value: 1694656114
.pippio.com/ Name: nnls
Value:
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.dotomi.com/ Name: DotomiTest
Value: a4058f6ef54253a
.admanmedia.com/ Name: admtr
Value: be774091-b410-4eaa-80eb-9bdfc43634f3
.admanmedia.com/ Name: ac_r
Value: CS116
.bidr.io/ Name: bitoIsSecure
Value: ok
.mfadsrvr.com/ Name: c
Value: 1694656114
.lijit.com/ Name: _ljtrtb_16
Value: 77b3c2d8-e315-42f4-8744-a4b680ab56cc-65026671-5553
.turn.com/ Name: uid
Value: 3984833381878859519
.bidr.io/ Name: bito
Value: AAFQWE7KBM0AACRJppVvKw
trace.mediago.io/ Name: __mguid_
Value: e2eacde4ba85ddbf00a5bdad6c78b58b
.media.net/ Name: data-co
Value: AAANT27vaAWuAANA1MiOAAAAAAA~~8
.quantserve.com/ Name: d
Value: EHgBGQH5KfijC_vLEImJ0QA
.go.sonobi.com/ Name: __uis
Value: 26316e79-f7fe-484b-8290-f2925053d4f6
.lijit.com/ Name: _ljtrtb_80
Value: LMIIHS1V-P-5LTY
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3827492168432486143&KRTB&23150-3827492168432486143
.pippio.com/ Name: pxrc
Value: CPLMiagGEgQIAhAAEgYI7OsBEAA=
.media.net/ Name: data-so
Value: 26316e79-f7fe-484b-8290-f2925053d4f6~~8
.adnxs.com/ Name: anj
Value: dTM7k!M4/0EVNsVF']wIg2Ilap5_s7!]tbP6j2F-.aDFd<pAQ.gk($Le:!+]k_?PZfSt>yid_y3R!5H=q!5'Sd5tvhXj:Z7eYHoUq32iw*tE:JG`+UK%)UzR[-kX-'E#ML
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjQ1MDQ5OTYzMjkwMjM3NTk4Nzc3NzMiLCJleHBpcmVzIjoiMjAyMy0xMi0xM1QwMTo0ODozNFoifSwicnViaWNvbiI6eyJ1aWQiOiJMTUlJSFMxVi1QLTVMVFkiLCJleHBpcmVzIjoiMjAyMy0xMi0xM1QwMTo0ODozNFoifX0sImJpcnRoZGF5IjoiMjAyMy0wOS0xNFQwMTo0ODozNFoifQ==
.linksynergy.com/ Name: rmuid
Value: 1b0e3ee4-ed50-4337-8e6d-26fede73ddc8
.linksynergy.com/ Name: icts
Value: 2023-09-14T01:48:34Z
.ipredictive.com/ Name: cu
Value: 04b5448b-5f47-4bdd-b1f8-4c0eedfda15d|1694656114962
.intentiq.com/ Name: IQRubiconPrimisCookieSync
Value: 1694656114975_72218037_257
.analytics.yahoo.com/ Name: IDSYNC
Value: "19du~2dwp:18z8~2dwp:175w~2dwp:18vk~2dwp"
.mfadsrvr.com/ Name: tuuid
Value: 1d26a40e-5f61-4df7-815a-249f7e5e2302
.mfadsrvr.com/ Name: tuuid_lu
Value: 1694656115
.mfadsrvr.com/ Name: ssh
Value: !medianet,1694656115
.intentiq.com/ Name: IIQADMANCookieSync
Value: 1694656115049_-280320817_257
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFQWE7KBM0AACRJppVvKw
.media.net/ Name: data-mf
Value: 1d26a40e-5f61-4df7-815a-249f7e5e2302~~1
.lijit.com/ Name: ljtrtb
Value: eJwVy0FqAzEMRuG7eB2BpNEvKdlNEkIDKQRaAlnaHs8lSu9ed%2Fv43k%2FRciquSJyvnr6K%2BSJnz%2Btt5cuRHVhvl3Io4tNFtKXrljQWAZnuRhlmVK15cm3w3snB6h5CAJZ5aswz9%2BEaKlRHF7LGO1WOjaQdbYO2lJ7TJk%2F7%2BLzfP77kRU%2FC4%2Fv9n23mfnLnbWgHh%2BwJ9hFhoxtQEarm5fcPcUgw9w%3D%3D
.lijit.com/ Name: _ljtrtb_87
Value: 9259014c-5d45-41f3-9442-0a177be36a87
.bluekai.com/ Name: bku
Value: ikG99cBZ9ZV4FH6f
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004%22%7D
.media.net/ Name: data-r1
Value: RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004~~8
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0MzM2tTCwMDU3NxHiM9TNKA00SPRyL_cpTswDACyAR_ElAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0MzM2tTCwMDU3NxHiM9TNKA00SPRyL_cpTswDACyAR_ElAAAA
.media.net/ Name: data-rk
Value: 2018245966358085774~~8
.intentiq.com/ Name: IQAppnexusCookieSync
Value: 1694656115525_885566472_257
.intentiq.com/ Name: IQBidswitchPrebidCookieSync
Value: 1694656115525_0_257
.zemanta.com/ Name: zuid
Value: a3VMpG-DQSOzva5Gsq4y
.contextweb.com/ Name: V
Value: MzWuncLK1lJc
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1muk|7dN.0.AAFQWE7KBM0AACRJppVvKw
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ce4147272e472646
.pubmatic.com/ Name: DPSync3
Value: 1695859200%3A226_201_245_197%7C1694736000%3A248%7C1695254400%3A164
.pubmatic.com/ Name: SyncRTB3
Value: 1695945600%3A35%7C1695513600%3A63%7C1695859200%3A238_233_254_96_165_234_8_54_264_13_179_176_204_5_3_21_56_231_71_247_99_214_209_46_220_107_22%7C1695254400%3A15_223_2%7C1699833600%3A69
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmliZmpmaGhqaWIEAOvYW0wQAAAA
.rlcdn.com/ Name: pxrc
Value: CPLMiagGEgUI6AcQABIFCOhHEAASBgi46wEQAQ==
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: id5
Value: 78063c6c-e337-778b-9eaa-19d3be804ceb#1694656115990#1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2018245966358085774
.rlcdn.com/ Name: rlas3
Value: OYh4SWeAtILmKfymFJCdGFysUmkumeqteDpcRkTAEf4=
.fwmrm.net/ Name: _uid
Value: umw8f0c_7279619612244917751
.smartadserver.com/ Name: csync
Value: 127:AAFQWE7KBM0AACRJppVvKw
.amazon-adsystem.com/ Name: ad-id
Value: A3GF2l_dMU0xkG2nkVDQ37I
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004%22%2C%22nxtrdr%22%3Afalse%7D
.rubiconproject.com/ Name: audit
Value: 1|rYtVXje9IQGjvyK6ZA41ZlgQwHh8SgYvQ6IsQRsjOyH6DZ3dTM5nwSQ59CrFbagJ3XpAfY/AH+xCqQ3+tQhlLHMDvubSxZCGXj6Gz0cmwXEd2ipNqlQm5ojjpYvBSJ78SbePZj6z0VDhpAC0fAcW+tHzXFmW1BbuaSTLB2UPG/uxZ2yO25km26A8GHEZIF+p
.intentiq.com/ Name: IQPubmaticCookieSync
Value: 1694656116539_1630651656_257
match.sharethrough.com/ Name: AWSALBCORS
Value: +qkD3ZqSGuxU84NMnK6tE0SkqG0fc6d7mJQoRd0BedKezsh7XpbyOmwSp7LfNmXtam6tyzwghsKNtPBjBrX73AC/8/kBkOsJlGPqd4WkWfAkOAkG/L2lwyGFMJy6
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCPDr1rjXs5o8EAUSFwoIcHVibWF0aWMSCwia2fjE17OaPBAFEhQKBXRhcGFkEgsI6Jvyx9ezmjwQBRIVCgZjYXNhbGUSCwjIhb7L17OaPBAFEhsKDHNoYXJldGhyb3VnaBILCJT3x8_Xs5o8EAUSFgoHcnViaWNvbhILCLzjj9DXs5o8EAUYASABKAIyCwi2_byW7rOaPBAFOAFaCXN0aWNreWFkc2AC
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004&KRTB&17107-RX-733db2ff-9718-4cc6-97df-a1f9e154259a-004
.pubmatic.com/ Name: PugT
Value: 1694656116
.intentiq.com/ Name: IQOpenxPrimisCookieSync
Value: 1694656116843_216113764_257
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1694677717249
.yieldmo.com/ Name: yieldmo_id
Value: 3RiEKkZCCAZthjlkRpSu%7C1694649600000%7C0
.intentiq.com/ Name: IQYieldmoCookieSync
Value: 1694656117481_-1750252547_257
.intentiq.com/ Name: IQSmartAdServerCookieSync
Value: 1694656117791_0_257
.intentiq.com/ Name: IQTripleLiftCookieSync
Value: 1694656117791_1223715502_257
.intentiq.com/ Name: IQPData
Value: 1120628899#1694656117789#0#1694656110548
.intentiq.com/ Name: CSDT
Value: UEQ6MTUwNzJfMCZUcG5BS3ZOIzE1MTA2XzAmVHBuQU1UeiMxNTA0NF8wJlRwbkFNb0IjMTUwNDhfMCZUcG5BTWpCIzEwMTM5XzAmVHBuQU1EZCMxNTExNV8wJlRwbkFNWXQ
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiNDM3OTg3MTI5OTA3NzMwNzc0MCIsImV4cGlyZXMiOiIyMDIzLTA5LTI4VDAxOjQ4OjM1LjMxNTkzMjM2M1oifSwicXVhbnRjYXN0ZnN4Ijp7InVpZCI6IkRCbzZEUXdaUEZrWEdqZ01DVTBuRHdrV093c1hIVDBOWEJrRXJoOTMiLCJleHBpcmVzIjoiMjAyMy0wOS0yOFQwMTo0ODozNC45NjE4NTA5NTdaIn0sInB1Ym1hdGljIjp7InVpZCI6IkIxMTVFMDA4LUUxMzEtNDJENi1CRkFDLTJFNDlBQzVFMjhBMyIsImV4cGlyZXMiOiIyMDIzLTA5LTI4VDAxOjQ4OjM3Ljk0ODE3OTI0WiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjQ1MDQ5OTYzMjkwMjM3NTk4Nzc3NzMiLCJleHBpcmVzIjoiMjAyMy0wOS0yOFQwMTo0ODozMi4wNzk5MzQ4MjJaIn0sInJ1Ymljb24iOnsidWlkIjoiTE1JSUhTMVYtUC01TFRZIiwiZXhwaXJlcyI6IjIwMjMtMDktMjhUMDE6NDg6MzEuMzEzODQyOTZaIn0sInNvdnJuIjp7InVpZCI6IkhVVHNSVFpIelJUWmRrdmZTZHVTZlJNViIsImV4cGlyZXMiOiIyMDIzLTA5LTI4VDAxOjQ4OjMzLjM5MzgyNjQ2MloifSwiaXgiOnsidWlkIjoiWlFKbWNLNllhSWM5Q3VQZEM1Tm0xd0FBJjQ2ODkiLCJleHBpcmVzIjoiMjAyMy0wOS0yOFQwMTo0ODozMy43NDkzMjg4MTdaIn19fQ==
.pubmatic.com/ Name: SPugT
Value: 1694656118
.media.net/ Name: data-pba
Value: B115E008-E131-42D6-BFAC-2E49AC5E28A3~~8
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100

4 Console Messages

Source Level URL
Text
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 487)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.turtlediary.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://www.turtlediary.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options allow-from SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

68ca8c2a102ef1d6de02a8e3e0ebc52d.safeframe.googlesyndication.com
a.pub.network
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ajax.googleapis.com
aorta.clickagy.com
ap.lijit.com
api.btloader.com
api.floors.dev
api.intentiq.com
api.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bk.r-ad.ne.jp
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.pub.network
c1.adform.net
c21lg-d.media.net
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.turtlediary.com
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
cs.admanmedia.com
cs.chocolateplatform.com
cs.media.net
cs.nex8.net
csi.gstatic.com
csync.loopme.me
d.adroll.com
d.pub.network
data.adsrvr.org
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
fronttoad.com
gdn.socdm.com
gocm.c.appier.net
google-bidout-d.openx.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mb9eo.publishers.tremorhub.com
media.turtlediary.com
medianet-match.dotomi.com
nodejs.turtlediary.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
optimise.net
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
protected-by.clarium.io
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
rtb.primis.tech
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
s2s.t13.io
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.dsp.reemo-ad.jp
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
t.adx.opera.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
turtlediary.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
video.primis.tech
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.turtlediary.com
x.bidswitch.net
y.one.impact-ad.jp
ads.stickyadstv.com
api.rlcdn.com
cs.nex8.net
ib.adnxs.com
pr-bh.ybp.yahoo.com
video.primis.tech
103.229.10.171
103.43.90.178
104.17.24.14
104.18.20.206
104.18.24.173
104.18.38.76
104.18.39.155
104.22.4.69
104.22.52.86
104.22.53.173
104.26.7.139
104.26.9.50
104.74.49.161
107.178.254.65
108.138.246.94
119.9.108.180
124.146.215.3
13.107.21.200
13.107.42.14
13.228.126.19
13.236.213.182
13.250.68.118
13.251.250.53
13.35.147.107
13.35.147.111
13.35.147.15
13.35.147.63
13.35.147.69
13.35.147.78
13.35.147.81
13.35.147.91
13.35.151.131
130.211.23.194
142.250.204.3
142.250.204.4
142.250.204.6
142.250.204.8
142.250.66.202
142.250.66.226
142.250.67.10
142.250.76.110
142.250.76.98
142.251.221.65
142.251.221.66
142.251.221.78
150.95.47.242
151.101.193.229
151.101.66.49
159.203.145.121
162.19.138.116
162.19.138.83
172.104.45.159
172.217.167.106
172.217.167.66
172.217.167.67
172.217.167.78
172.217.167.98
172.64.144.166
172.67.69.19
18.138.18.111
18.139.97.117
18.140.226.150
18.158.226.17
18.177.11.95
18.244.214.125
18.67.111.113
18.67.111.81
182.161.73.129
182.161.73.136
182.161.73.146
185.84.60.30
195.5.165.20
198.8.71.131
202.241.208.55
207.65.33.76
207.65.33.82
209.191.163.152
209.54.182.161
216.239.32.3
220.150.223.50
23.106.127.38
23.106.127.53
23.202.168.221
23.204.64.24
23.204.65.234
23.215.59.10
23.215.59.229
23.55.38.48
23.77.149.36
3.1.14.27
3.210.100.196
34.102.146.192
34.102.253.54
34.107.140.113
34.107.148.139
34.111.113.62
34.111.152.239
34.111.79.67
34.120.107.143
34.124.209.251
34.160.128.112
34.160.152.31
34.160.63.134
34.96.105.8
34.96.70.87
34.96.71.22
34.98.64.218
34.98.67.3
35.169.88.118
35.186.154.107
35.186.193.173
35.190.60.146
35.208.249.213
35.213.109.249
35.213.12.39
35.213.93.179
35.214.162.241
35.227.252.103
35.244.159.8
35.71.131.137
35.75.96.169
37.157.6.233
38.91.45.7
44.205.53.163
44.239.127.146
50.116.239.135
52.223.2.229
52.73.197.123
52.77.12.17
52.84.251.19
54.158.55.205
54.169.195.178
54.179.248.176
54.219.222.185
54.248.182.252
54.251.110.142
64.202.112.255
67.199.150.81
67.199.150.85
67.199.150.87
67.220.224.144
69.16.175.10
69.173.151.100
69.173.158.64
69.175.41.2
72.34.250.75
74.118.186.107
74.214.196.131
80.77.87.166
82.145.213.8
89.207.22.73
98.98.134.241
03f4f7b7ed6579d6324a0dde91832ee92e593b11a4855be555682a65028ec0c8
04b9870d74f6bea5223495ef7969776b115b80ca40ed50203ad3bb41778353c4
068b1844a7bf0f2db5f33f3ac2e20980733ae1d3feae0c6c0637cb68f0d0b10d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c2a40c21c0ac4b10a96717691010f162edb9fd941b16c2bd310b5086a11c87
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0d9eaa19e916706042c05e57dd0a59b959a94e2ea59705d30c63ed292adbb6
0d16cfa1e268735fa201c27d03314ddbcd003f3164214fa04462eb19222eed5c
0dcac7cabd17a67b5d09d54d506c6ed734516248e9e8552d194b1a5cf16b7722
0ec00f82fb3d89a55435495410f56fa72c320a9948ad156f6118e0fe0901d5f1
108e7c09a9d190083c217592e2059a6278e7f23d92f2190be2daa0b9c80440a9
165eda9f4a7864be05146423f7a3e79bc38c5f5b09aa1c267aac96a28c1b025f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1d4ee19b918d965bcd79df0e57ea9b99e928e0302a09e534a587975126f2f920
1d5c3445a40c989c6f847debe346695ab7397d4948e18ebb0e7c10ba601add42
1dbc5532d0ce7fc49b6dcec4f680d320409e517808057cd2929708ef6d828a4c
20c921c4ec3c7ff80a71a1f8260ffe33e8f6f86975435a2bc76e88da02dc7d48
238a96f2f9326bcbe2f36f42ff6ad4257169338f3cc8650ef865e3864c68a4a7
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272fc2579bb523efb6094a51fee8f7aa080c2abcc8a2c5bd69dbc5af042f4d91
28d89c66242d96982c837c3103367c72ffcf1a67bfcbe362947042b13bb3ee18
2970e13f9d1d74db610f1694d6d35b043a188d8eb175d59e8c262c703d72d74b
2af1f43affd0d03a1d843d9d3c9b4ec30086773ffc449132e2f3a54cd71cd5dc
2c2c3ae737c0235ab828a5a4789a6fa5f9bd10ce23cc4a367835c3ee64d27964
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30050c30d6c7ef375e54fdf197a5cb3dbaf39e371e7d34440a1b4c35821c3a8d
3160359428c814be0c907df60d8cf5fc0d211bf9e1708bc0e6a7606d87ef98fc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
334416c325a77993e33c282928a7f6b05d28c54ed5aaebfc9fd1614008c81ab7
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
3501b862c03ab2ac2110fcfff885ad42a47e4aef871f158665ecf63077dde6b4
35870d40b901cf06a65551276fbee09a664747dbebda85739f8e28634156d67e
35981b6766cb407cfcff7271ceff3057e9ad15da9a56bf9cac2dfe5bb9f5cf47
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3988cd2abb8e7c863fa05d202933cb13ed0fbf32efbf30188312375cb85e930f
3a954b3dce1d563d10ef0f4cad8c524fce61408ad19b91ef032a06ca578f2f38
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b325dc4cc400ce5817dd28c5bfaabdce34e9e637f8a25840665055ead80d727
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df6b36b3d9ec91ec8ee170906cc6ef2f2247be1d1e715880ee5477dd38c4e37
3ea86d646ba9ab552be0deabdf0f21933b55f65c33ae86319b29b838265774cf
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4022cb9ff13180686b7258efb389a65689f6a8b566f5705b3631db660a4e5d49
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42c1f6a66ff3442adb9b6d0a97b9e66bec0c8c7fc5f1c95345c73430dbc35d7c
4499848af51ecf53efa3a1b0c1bf24194e68cf19732431c65c7be63691b80a7a
459affcb629a474f69a019666578ab4bc82b658550fd42c3f49559b40cdc71d0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4746ac75838ac38710b85ab982f224dd90fc8fb3d6fabbf7a609947f0f2e98c1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242
49004b108bd03b0e301d3a086032488071ff70ac7e1adad8beee1844f3b144dc
4b081453cc5e5c47598d28d440b823956babdccd5f32c1e9769b99a7446c4818
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb3c40a43446eab98cb29c3b7981dee8aa8be1be445fdcbf2e50067e39e6875
4bc37a93169100d33ae5f49c8735dc378e4d806fefccdce5a28bf4bbb8d39271
4c1c47df19d54a62d50b37f0a24217bff9f19ed6736271695dda2067b90810dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5070a11b8cbb773a59de3f158f5e12870b5ed340df267de9ad7d2c8553005ce1
51e3c235fcebabd0af9a5437cd1e19d4b8241f262e6a86653943884b940600f1
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9
5871778f6ee047af0d2aa445d97b568e374fab1f88da69e5f1041939f3474fc4
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6051116f5e1fb35ae51ec235a9b7f0995fd3de107a2cd788f987154ff976d992
6145872560198a8b8d96a8783767356ee566ab5f41287c48df9e6fdc228d5f96
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
68614335ed3e1bf3910d0f09f17913d6843fc32c16997ca4afc9e5ccf943e732
68fb114544676a7ff3da526d1c5944d17659f972759f4d6712dc03989ca078a0
6935aeb7ce0d9da986f062094e9d6fe081cd13f29517c42bd770b72e551895b9
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6afccb36cc72c062ca509621e44c2e4aff0a7ea12d6f511e1fe5f80c57d5bb8d
6bec516b9c50ed4b3818f8646e8bbf8650fe630c93acd1fc0309adc763ba7b0c
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
75182b15e3248b4a6b9f3abc5ee394b41168dbc0af4b01a21bb3ad8b9ab5fac8
77456548aec3d4af11d3d001295d61090291b8703febf0cd28e185fc79d368a5
778599c0c8c1d5e2f5f9f4776c0a15f08eb09b0a3a7617f1ae9c4b05c8109b03
781a26644f200441299dd3f071392c63fcf15cab6a77f699936866a2b9d6c883
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec
78b01f529f300435bb357b3739d7cfcff5bb7b9fde2fe1ef5938f20b6fd5af0f
78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a91097461d32cfdd134c7c3c7aa383a8829cca521b7512313c71f88878f5df9
7aefa7a735322bc937d004ffb976c57e6f187d12547bdd5b755251412393c075
7b08eca7e48d4cdb0c939b874869d7e2f404de6328519c758e70301cffb01afd
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7e9345415dd966c499781f45ed9b8c168c8c1741ff90315a38f2bad8872c7757
81210e7ce6c6033375740aea23a5844dec8a611027f6bb3b7c44d1fdebe3a4ec
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
81b49f37a78cff7332e69104bdbe2080c1f3e09c92f976e3647579a56de2cd65
8253b841bc844880d8b7fc6b97239533f417825647b32407c6ca981c76209281
82b1ac7bac4f54d30e2a421e5bc0a1e9fc338eb18acb299f0edd64462daf9cf7
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854f21cc9058c898026e43ba7b91f0ea9f264c30acaedf60fc66e2eb663928b4
8614d7716650389dda7fb5290faffbc1417c4dc0041f25be95cc5d026cfea041
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8a2e2fb6f3fb55c6e082d8761acce94483842596ef9cbcf2792290ed07e9a314
8c51666dc597f3c00d8b96c9cdcea12f28b4add101103868b0df81fbaa0b069f
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
910e2469719b5d877c634a3d565923cf0570c74884545a4bd0fe9638dc9fe6e3
92033b58253abb0529325a307ee85442a1fdea546a274288480595391784a510
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94250919b0ff8ec072aa2503949b2aa0d54064c771413d59f9e688f4edff260d
9549464c81c62539461fbc361c424381943ea981d34d27c829eafcdf67619c42
980c96107d8f974d249b98757877f4a51db8cf7172903fe99aba4b5466631ee1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c5eab6657a64c3738f572154f23d884c4d15da744a4eea7f6cc0d4a942d2bd9
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9df5c584975a78539a85a05a4e935c330e5d024c67f8de13e4b9cd77a96e97ca
9e699231374f8b09fc6dd7d7b81d56f6efdcfe18f2474c9fd727d7ce58e9ce63
9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220
9fe07595dfd1a91fafb82a3bfd925e6e11b58ed7f3c9c31e8309a2ad2cb78ae1
9fe481341c930df1c801975b234c48b8d1b3a8b5dc11252db5a39964fc697d35
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5ee1ee672866c689ca31e8c8ed157d602f67f0e25125cadebff402152a5f0e4
a66769f27a6b02b1c7be723a3c9463b4eaf780813e94c8f3d811a29623a9a191
a6fc3340f6c2490e48fbe816430f947c40ccf5c7566d8e2b7fd92e5bf76181df
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
abb60e7cf9f019236835676934158d2c4ab822b64e56b9afa627bde68c0e4a5b
ac8f8f89c06657fda770c6c28d203f7dfbe53cf471624efe79eb56309d77d5f8
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad04b953634240561519d9c18287ae82f10b4200ec156808234e7fc64cbe7a82
ad6e2d53f24ebad6e0d6be3058074a91caef2453cceba2b27e4774e1c88e3afe
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b52483c3e5c1dc154cba8f212f8606ee669b89dfe02d4e9ec4b15f49ed1117b0
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
bad4155111cfa8d146fe8dcdcf3935651d730dfd8fc67550c14f8ae8fe41bb69
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd04b5e88253c3d056f26555cb388702d9d8702ad3a2aa2c5ce1f67177c75bf4
bd351964a6d11d6d1080c25b6d081821d598622929758e010a337bc04710a5aa
bf49e27fc683ba28a41f55094272531e6b8375d5c37e90392a671f5c551a2888
bfff50bcb36b80b74e247520c693eb6fb98acf98846ec881bee58f40621bad04
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c35b1d80823a1846d97432b9476c4d721d33a8c542a67e220e39fc282b5ee053
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c561d7fffec8bd07961d6d60c7be2d27f6898d162b603329254f6dcef7394d53
c67be7da68ad9c66ef9f08c0e0f9085a121de194128e09e44cf8f3f0a652749f
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c7f1618546c551ed350b3f5c066681e91bd17ce9f2eaf1c539f2a65cb3e1966d
c8317e0c667c3d757c3d64a463940346ef67da96cb8b2dd2269ccaa5cd7f87ae
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c8b85ec9741f37ecedb6bc555e6db7eb567fef3b0751210706448a5c82cb0079
c8ca051f24c9b771310374d1c018407fe47f58a95ab8f9a0aa5251bbb9f6ad32
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caaccf1f675a43bfcd899e0530dc1d60bab848db13170024b741abf316d02c73
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
ce3f4ee281fb9fe1df78f9fffddfe8eb4b4b726dafe7a84e07d7b70d81e74dd5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d037ba3209044db2ccff64a55106d5e69f4f0e4b78429fcdf1ca12936edb519e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e55d571fce34dc1c0b24e1b31ef195aa462f05a3e5e1248d65816670b93e14
d2531c060499a31d29528942642ecaf731ca7d26f8c2ffe3b9aba20f79a51419
d3eee9c3a0af8e05fc738d3afa3c9dcfc168a799ff84fa35550aa482f1f7cb02
d45b9c6e91a5cd516be16f868c707a2620053dd93953de6e8c8268d4d8bd6589
d46c8f64c6f76d6fb18d86fd5032acd2027edb8ec7916fa83756d362b96bef7a
d50af2078e05e46a9d1bb0fdf46f79e92d28e5d63d6671c4a544d6689435be91
d6c0ab80059e719ab7d9bfb42c59b36704722a203cccf96d00c928a05d617b72
d90575d5c19e002a7c3ea1fdc7c5b9a07061240792561f19da24cf2d97e41619
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dafd09984f188596cad6344874151862ff0d88ac16ebba72f1e88530cd5b8a3e
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfb95277447e40b12c0841ece47ecc7b56e0e596e2ba986c31fb09db7d76c844
e2e1ad18cce5424b905ba2f78b3970a9f26ce651ac6c03b99d706e639d392b06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e62a00258a2118faad7754b5c5c19174124e4b2ec83a330bd5f9515c19529b94
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9d04747af2c344dc6d80edcd75d6cb7a1cf27951a00bc2bd6620a5ea34c5d78
ea72b22aea78594989668caae3743b8fe58f564d8fe8dec4b3d9e504f9f86ef4
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb182180c8dc9a9f4b4b7f1638584ff9b7bd7de5cb15251a6179b79281241bb7
ec06a4cad7d5e6320186d0a86a79ec0385e8b745a6fc4bde481bebf3e034979e
eca003642178c47d53f4b1c5ae15b453eb75bf875f40d4505f790760345dc3d0
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
f458200d8fd2c5da54be615e32a663c99cb7a007fe887cfe9c9c405c3ea31c13
f4a9c7e802b59da407d928f885788fca893d1e025169c9c2e32806143c23fdc0
f65520c20c71f3e0eaddd42e5ed97814fb1585fffbef10667f17085d4a910fee
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f97529cc41eadff328eb928678cfe853a82d1834bf34cede59315577d11663d5
fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65
fc76ad27ec124c4daa115980a9bea11d31252e3f7a580b455e5578f90a2ef98d
fdf89d1a74034d42ce15ca995a045aa9a3dac6a12209cba90445d6a0ca2368d5
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995