urlscan.io logo urlscan.io
SecurityTrails logo

www.turtlediary.com Open in urlscan Pro
18.67.93.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.turtlediary.com/
Effective URL: https://www.turtlediary.com/
Submission: On November 23 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 13 countries across 108 domains to perform 463 HTTP transactions. The main IP is 18.67.93.62, located in United States and belongs to AMAZON-02, US. The main domain is www.turtlediary.com. The Cisco Umbrella rank of the primary domain is 165634.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 24th 2023. Valid for: a year.
This is the only time www.turtlediary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.67.93.24 16509 (AMAZON-02)
14 18.67.93.62 16509 (AMAZON-02)
3 142.251.221.74 15169 (GOOGLE)
1 142.250.66.232 15169 (GOOGLE)
33 18.67.93.16 16509 (AMAZON-02)
3 104.17.24.14 13335 (CLOUDFLAR...)
6 52.70.198.148 14618 (AMAZON-AES)
1 151.101.66.137 54113 (FASTLY)
7 104.18.20.206 13335 (CLOUDFLAR...)
5 142.250.76.110 15169 (GOOGLE)
2 142.251.221.67 15169 (GOOGLE)
13 34.160.152.31 396982 (GOOGLE-CL...)
3 34.160.63.134 396982 (GOOGLE-CL...)
1 3 18.67.93.14 16509 (AMAZON-02)
4 34.111.152.239 396982 (GOOGLE-CL...)
6 142.251.221.66 15169 (GOOGLE)
1 1 104.26.8.50 13335 (CLOUDFLAR...)
1 104.22.74.216 13335 (CLOUDFLAR...)
1 99.84.203.31 16509 (AMAZON-02)
1 172.67.36.110 13335 (CLOUDFLAR...)
2 13.224.181.84 16509 (AMAZON-02)
1 19 18.67.93.44 16509 (AMAZON-02)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 104.26.3.70 13335 (CLOUDFLAR...)
1 142.250.66.198 15169 (GOOGLE)
2 182.161.73.136 55569 (CRITEO-AS...)
16 30 52.84.251.4 16509 (AMAZON-02)
3 6 103.229.10.180 16509 (AMAZON-02)
11 172.67.23.234 13335 (CLOUDFLAR...)
12 14 15.197.193.217 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 18.67.111.37 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 151.101.129.229 54113 (FASTLY)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 4 18.140.225.254 16509 (AMAZON-02)
14 52.77.152.198 16509 (AMAZON-02)
8 34.107.140.113 396982 (GOOGLE-CL...)
3 34.120.63.153 396982 (GOOGLE-CL...)
3 35.213.7.59 15169 (GOOGLE)
7 3.0.243.35 16509 (AMAZON-02)
7 15 103.43.90.178 29990 (ASN-APPNEX)
1 5 35.227.252.103 15169 (GOOGLE)
3 52.76.40.2 16509 (AMAZON-02)
8 18.177.11.1 16509 (AMAZON-02)
5 30 209.191.163.208 32475 (SINGLEHOP...)
13 52.77.24.115 16509 (AMAZON-02)
1 15 34.98.64.218 396982 (GOOGLE-CL...)
3 141.95.98.64 16276 (OVH)
1 1 124.146.153.160 2514 (INFOSPHER...)
2 2 13.224.181.100 16509 (AMAZON-02)
18 25 142.250.204.2 15169 (GOOGLE)
1 13.224.181.49 16509 (AMAZON-02)
1 142.250.204.1 15169 (GOOGLE)
1 9 104.22.5.69 13335 (CLOUDFLAR...)
2 8 207.65.33.82 62713 (AS-PUBMATIC)
16 22 69.173.158.64 26667 (RUBICONPR...)
6 8 34.111.113.62 396982 (GOOGLE-CL...)
3 17 172.64.151.101 13335 (CLOUDFLAR...)
1 2 23.106.127.169 59253 (LEASEWEB-...)
1 1 72.34.250.75 27630 (AS-XFERNET)
2 18.67.92.138 16509 (AMAZON-02)
6 23.215.59.10 16625 (AKAMAI-AS)
8 18.65.3.9 16509 (AMAZON-02)
5 11 35.213.12.39 15169 (GOOGLE)
3 3 35.214.243.89 15169 (GOOGLE)
3 15 35.71.178.8 16509 (AMAZON-02)
4 6 18.143.106.89 16509 (AMAZON-02)
2 2 44.220.1.83 14618 (AMAZON-AES)
1 1 23.221.21.71 16625 (AKAMAI-AS)
1 1 23.55.38.48 20940 (AKAMAI-ASN1)
1 1 80.77.87.166 46636 (NATCOWEB)
1 1 23.106.127.39 59253 (LEASEWEB-...)
1 37.157.2.230 198622 (ADFORM)
1 6 54.254.195.29 16509 (AMAZON-02)
15 15 74.118.186.107 6336 (TURN-US-ASN)
4 4 50.116.239.135 6336 (TURN-US-ASN)
3 207.65.33.83 62713 (AS-PUBMATIC)
1 69.173.158.92 26667 (RUBICONPR...)
2 67.199.150.87 62713 (AS-PUBMATIC)
1 12 67.199.150.86 3257 (GTT-BACKB...)
2 2 35.213.93.179 15169 (GOOGLE)
3 4 50.31.142.191 22075 (AS-OUTBRAIN)
3 4 151.101.66.49 54113 (FASTLY)
1 1 18.138.18.111 16509 (AMAZON-02)
4 6 54.221.54.135 14618 (AMAZON-AES)
2 182.161.73.146 55569 (CRITEO-AS...)
1 2 35.186.193.173 15169 (GOOGLE)
2 2 82.145.213.8 39832 (NO-OPERA)
1 1 172.104.45.159 63949 (AKAMAI-LI...)
2 2 52.74.118.249 16509 (AMAZON-02)
1 220.150.223.50 4686 (BEKKOAME ...)
2 52.196.135.209 16509 (AMAZON-02)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 169.197.150.8 398989 (DEEPINTENT)
1 195.5.165.20 44968 (IPROM-AS)
1 2 119.9.108.191 45187 (RACKSPACE...)
3 4 34.124.209.251 396982 (GOOGLE-CL...)
4 7 13.229.188.244 16509 (AMAZON-02)
2 5 207.65.33.76 62713 (AS-PUBMATIC)
3 4 185.84.60.23 198622 (ADFORM)
6 6 89.207.22.108 41041 (VCLK-EU-SE)
2 8 52.46.155.104 16509 (AMAZON-02)
1 52.77.160.240 16509 (AMAZON-02)
1 23.77.149.36 16625 (AKAMAI-AS)
1 1 13.35.147.91 16509 (AMAZON-02)
1 64.38.119.44 19151 (BBO-1)
2 13.107.42.14 8068 (MICROSOFT...)
2 2 207.65.33.79 62713 (AS-PUBMATIC)
2 3.1.170.125 16509 (AMAZON-02)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
1 1 18.176.234.133 16509 (AMAZON-02)
1 1 52.4.98.207 14618 (AMAZON-AES)
1 204.79.197.200 8068 (MICROSOFT...)
6 6 52.69.158.44 16509 (AMAZON-02)
4 4 98.98.134.243 21859 (ZEN-ECN)
2 142.250.66.202 15169 (GOOGLE)
5 5 13.215.29.241 16509 (AMAZON-02)
1 1 198.8.71.131 54312 (ROCKETFUEL)
2 4 35.244.154.8 15169 (GOOGLE)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 1 8.43.72.98 26667 (RUBICONPR...)
2 142.250.76.102 15169 (GOOGLE)
2 2 3.122.66.171 16509 (AMAZON-02)
1 1 74.214.196.131 19189 (PULSEPOINT)
1 1 8.2.110.134 46636 (NATCOWEB)
1 13.228.253.17 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 52.9.84.22 16509 (AMAZON-02)
1 1 213.19.162.90 ()
1 1 52.76.234.12 16509 (AMAZON-02)
1 142.250.66.226 15169 (GOOGLE)
2 104.68.31.231 16625 (AKAMAI-AS)
2 104.18.38.76 13335 (CLOUDFLAR...)
1 23.106.127.165 59253 (LEASEWEB-...)
2 2 52.205.132.212 14618 (AMAZON-AES)
1 3.227.26.135 ()
1 2 3.105.199.38 16509 (AMAZON-02)
1 52.94.220.185 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 23.206.242.194 ()
1 54.238.236.6 16509 (AMAZON-02)
1 141.95.98.65 16276 (OVH)
2 108.177.112.94 15169 (GOOGLE)
1 1 143.244.220.80 14061 (DIGITALOC...)
463 109
1    18.67.93.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-24.syd62.r.cloudfront.net
www.turtlediary.com
14    18.67.93.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-62.syd62.r.cloudfront.net
www.turtlediary.com
3    142.251.221.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net
fonts.googleapis.com
ajax.googleapis.com
1    142.250.66.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f8.1e100.net
www.googletagmanager.com
33    18.67.93.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-16.syd62.r.cloudfront.net
cdn.turtlediary.com
media.turtlediary.com
3    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    52.70.198.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-198-148.compute-1.amazonaws.com
nodejs.turtlediary.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
7    104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)
a.pub.network
5    142.250.76.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f14.1e100.net
www.google-analytics.com
2    142.251.221.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
fonts.gstatic.com
13    34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
3    34.160.63.134 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 134.63.160.34.bc.googleusercontent.com
fronttoad.com
3    18.67.93.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-14.syd62.r.cloudfront.net
sb.scorecardresearch.com
4    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
6    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
securepubads.g.doubleclick.net
1    104.26.8.50 (None, )

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    104.22.74.216 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    99.84.203.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-203-31.lax3.r.cloudfront.net
static.adsafeprotected.com
1    172.67.36.110 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    13.224.181.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-84.syd1.r.cloudfront.net
api.intentiq.com
19    18.67.93.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-44.syd62.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    104.26.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.66.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f6.1e100.net
ad.doubleclick.net
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
30    52.84.251.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-4.sin5.r.cloudfront.net
live.primis.tech
rtb.primis.tech
6    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
11    172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
pixels.ad.gt
14    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    18.67.111.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-37.syd62.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
4    18.140.225.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
14    52.77.152.198 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
8    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
3    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
3    35.213.7.59 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 59.7.213.35.bc.googleusercontent.com
grid.bidswitch.net
7    3.0.243.35 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-243-35.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
15    103.43.90.178 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    52.76.40.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-40-2.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
8    18.177.11.1 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-1.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
30    209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
13    52.77.24.115 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
btlr.sharethrough.com
15    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
u.openx.net
freestar-d.openx.net
3    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    124.146.153.160 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.224.181.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-100.syd1.r.cloudfront.net
cr-p3.ladsp.com
25    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
cm.g.doubleclick.net
1    13.224.181.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-49.syd1.r.cloudfront.net
rules.quantcount.com
1    142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net
1652a92e08b530b0cf1938630f75d069.safeframe.googlesyndication.com
9    104.22.5.69 (None, )

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
ids.ad.gt
8    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
22    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
8    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
17    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
2    23.106.127.169 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
sync.smartadserver.com
1    72.34.250.75 (Hemet, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    18.67.92.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-92-138.syd62.r.cloudfront.net
c.amazon-adsystem.com
6    23.215.59.10 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-59-10.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    18.65.3.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-3-9.lax50.r.cloudfront.net
video.primis.tech
11    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
3    35.214.243.89 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 89.243.214.35.bc.googleusercontent.com
csync.loopme.me
15    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
6    18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    44.220.1.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-220-1-83.compute-1.amazonaws.com
mb9eo.publishers.tremorhub.com
1    23.221.21.71 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-21-71.deploy.static.akamaitechnologies.com
cs.media.net
1    23.55.38.48 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-38-48.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    23.106.127.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
1    37.157.2.230 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
6    54.254.195.29 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-195-29.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
15    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    207.65.33.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.158.92 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    67.199.150.87 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
12    67.199.150.86 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
4    50.31.142.191 (Hickory Hills, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
6    54.221.54.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-54-135.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    172.104.45.159 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1625-159.members.linode.com
gocm.c.appier.net
2    52.74.118.249 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
2    52.196.135.209 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-135-209.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
4    34.124.209.251 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
7    13.229.188.244 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-188-244.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
5    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    89.207.22.108 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin02-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
triplelift-match.dotomi.com
openx2-match.dotomi.com
8    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.77.160.240 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-160-240.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    23.77.149.36 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-149-36.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    13.35.147.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-91.syd1.r.cloudfront.net
s.ad.smaato.net
1    64.38.119.44 (United States)

ASN19151 (BBO-1, US)
bttrack.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    207.65.33.79 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    3.1.170.125 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-170-125.ap-southeast-1.compute.amazonaws.com
sync-pm.ads.yieldmo.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
1    52.4.98.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-98-207.compute-1.amazonaws.com
sync.ipredictive.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
6    52.69.158.44 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-158-44.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
4    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    142.250.66.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f10.1e100.net
imasdk.googleapis.com
5    13.215.29.241 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-29-241.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    142.250.76.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f6.1e100.net
s0.2mdn.net
2    3.122.66.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-66-171.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    13.228.253.17 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-253-17.ap-southeast-1.compute.amazonaws.com
sync.springserve.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    52.9.84.22 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-84-22.us-west-1.compute.amazonaws.com
aorta.clickagy.com
1    213.19.162.90 (None, )

ASN- ()
pixel-eu.rubiconproject.com
1    52.76.234.12 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-234-12.ap-southeast-1.compute.amazonaws.com
i.w55c.net
1    142.250.66.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net
pagead2.googlesyndication.com
2    104.68.31.231 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-31-231.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
2    52.205.132.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-132-212.compute-1.amazonaws.com
i.liadm.com
1    3.227.26.135 (None, )

ASN- ()
i6.liadm.com
2    3.105.199.38 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-199-38.ap-southeast-2.compute.amazonaws.com
dpm.demdex.net
1    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    23.206.242.194 (None, )

ASN- ()
hb.yahoo.net
1    54.238.236.6 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-236-6.ap-northeast-1.compute.amazonaws.com
rtb.gumgum.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
2    108.177.112.94 (United States)

ASN15169 (GOOGLE, US)
PTR: jo-in-f94.1e100.net
csi.gstatic.com
1    143.244.220.80 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
Apex Domain
Subdomains		 Transfer
54 turtlediary.com
www.turtlediary.com — Cisco Umbrella Rank: 165634
cdn.turtlediary.com — Cisco Umbrella Rank: 207846
media.turtlediary.com — Cisco Umbrella Rank: 193755
nodejs.turtlediary.com — Cisco Umbrella Rank: 155499
833 KB
38 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 924
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
image8.pubmatic.com — Cisco Umbrella Rank: 662
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
60 KB
38 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
video.primis.tech — Cisco Umbrella Rank: 6090
rtb.primis.tech — Cisco Umbrella Rank: 5697
3 MB
32 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
ad.doubleclick.net — Cisco Umbrella Rank: 154
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
170 KB
30 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
51 KB
27 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
pixel-eu.rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 602
32 KB
27 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1906
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
7 KB
22 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
rtb.openx.net — Cisco Umbrella Rank: 695
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
us-u.openx.net — Cisco Umbrella Rank: 522
jp-u.openx.net — Cisco Umbrella Rank: 14175
u.openx.net — Cisco Umbrella Rank: 659
freestar-d.openx.net — Cisco Umbrella Rank: 10102
4 KB
21 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1400
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
18 KB
20 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
p.ad.gt — Cisco Umbrella Rank: 2257
ids.ad.gt — Cisco Umbrella Rank: 1474
pixels.ad.gt — Cisco Umbrella Rank: 1963
75 KB
20 pub.network
a.pub.network — Cisco Umbrella Rank: 4389
d.pub.network — Cisco Umbrella Rank: 4659
c.pub.network — Cisco Umbrella Rank: 4367
414 KB
19 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 984
match.sharethrough.com — Cisco Umbrella Rank: 559
11 KB
18 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
10 KB
17 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
12 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 609
29 KB
14 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
5 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
data.adsrvr.org — Cisco Umbrella Rank: 5710
7 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
72 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
5 KB
9 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
rtb.gumgum.com — Cisco Umbrella Rank: 1589
3 KB
9 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 8174
5 KB
8 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
8 t13.io
s2s.t13.io — Cisco Umbrella Rank: 1873
1 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
i.w55c.net — Cisco Umbrella Rank: 1952
4 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
3 KB
6 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
triplelift-match.dotomi.com — Cisco Umbrella Rank: 4304
openx2-match.dotomi.com — Cisco Umbrella Rank: 4926
2 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 4590
2 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
11 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 1267
c1.adform.net — Cisco Umbrella Rank: 599
3 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
13 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
23 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
imasdk.googleapis.com — Cisco Umbrella Rank: 447
399 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
api.rlcdn.com Failed
902 B
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
1 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
2 KB
4 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1330
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
1 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
cs.media.net — Cisco Umbrella Rank: 1513
4 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
36 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
dis.criteo.com — Cisco Umbrella Rank: 597
1 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 877
api.btloader.com — Cisco Umbrella Rank: 948
96 KB
4 optimise.net
optimise.net — Cisco Umbrella Rank: 5481
5 KB
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
46 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com
1 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
742 B
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
3 fronttoad.com
fronttoad.com — Cisco Umbrella Rank: 25452
25 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
31 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
521 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 988
881 B
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
370 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
773 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 18770
77 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
1 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
1 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
667 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2529
971 B
2 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 6880
722 B
2 googlesyndication.com
1652a92e08b530b0cf1938630f75d069.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
17 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25841
1 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
1 KB
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2782
412 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
279 B
1 yahoo.net
hb.yahoo.net
646 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2013
429 B
1 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3340
206 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 3896
573 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
832 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5792
403 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
795 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
691 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
494 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 28346
549 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 826
305 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
467 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1356
182 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
45 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 12320
243 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2603
438 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 25232
652 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1138
668 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
625 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
697 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
1 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
857 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
898 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 587
481 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 5424
451 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
30 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
93 KB
0 fwmrm.net Failed
1f2e7.v.fwmrm.net Failed
0 rundsp.com Failed
match.rundsp.com Failed
0 nex8.net Failed
cs.nex8.net Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
463 108
Domain Requested by
29 live.primis.tech 16 redirects a.pub.network
live.primis.tech
www.turtlediary.com
25 cm.g.doubleclick.net 18 redirects google-bidout-d.openx.net
www.turtlediary.com
eb2.3lift.com
ads.yieldmo.com
ce.lijit.com
22 ce.lijit.com a.pub.network
ads.pubmatic.com
ce.lijit.com
us-u.openx.net
www.turtlediary.com
18 sync.intentiq.com 1 redirects www.turtlediary.com
live.primis.tech
ads.pubmatic.com
17 cdn.turtlediary.com www.turtlediary.com
16 media.turtlediary.com www.turtlediary.com
15 eb2.3lift.com 3 redirects a.pub.network
eb2.3lift.com
15 www.turtlediary.com 1 redirects www.turtlediary.com
14 pixel.rubiconproject.com 10 redirects www.turtlediary.com
14 c2shb.pubgw.yahoo.com a.pub.network
13 btlr.sharethrough.com a.pub.network
live.primis.tech
13 match.adsrvr.org 11 redirects a.pub.network
live.primis.tech
12 simage2.pubmatic.com 1 redirects ads.pubmatic.com
12 c.pub.network a.pub.network
12 ib.adnxs.com 4 redirects a.pub.network
acdn.adnxs.com
eb2.3lift.com
www.turtlediary.com
11 x.bidswitch.net 5 redirects www.turtlediary.com
ads.pubmatic.com
eb2.3lift.com
ce.lijit.com
10 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 sync.1rx.io 9 redirects
9 us-u.openx.net google-bidout-d.openx.net
freestar-d.openx.net
ce.lijit.com
us-u.openx.net
8 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
eb2.3lift.com
ce.lijit.com
us-u.openx.net
www.turtlediary.com
8 video.primis.tech live.primis.tech
www.turtlediary.com
8 pixel.tapad.com 6 redirects ads.pubmatic.com
www.turtlediary.com
8 token.rubiconproject.com 6 redirects www.turtlediary.com
eus.rubiconproject.com
8 image2.pubmatic.com 2 redirects ads.pubmatic.com
8 ids.ad.gt 1 redirects www.turtlediary.com
8 ap.lijit.com 5 redirects a.pub.network
8 g2.gumgum.com a.pub.network
8 s2s.t13.io a.pub.network
ssum-sec.casalemedia.com
www.turtlediary.com
eb2.3lift.com
ads.pubmatic.com
8 id.hadron.ad.gt a.pub.network
cdn.hadronid.net
7 pr-bh.ybp.yahoo.com 4 redirects ads.pubmatic.com
freestar-d.openx.net
ssum-sec.casalemedia.com
7 ads.yieldmo.com a.pub.network
ads.yieldmo.com
7 a.pub.network www.turtlediary.com
a.pub.network
6 match.prod.bidr.io 6 redirects
6 sync.srv.stackadapt.com 4 redirects eb2.3lift.com
6 match.sharethrough.com 1 redirects www.turtlediary.com
6 ups.analytics.yahoo.com 4 redirects us-u.openx.net
www.turtlediary.com
6 ads.pubmatic.com live.primis.tech
ads.pubmatic.com
a.pub.network
ce.lijit.com
6 ssum-sec.casalemedia.com 2 redirects www.turtlediary.com
a.pub.network
ssum-sec.casalemedia.com
js-sec.indexww.com
6 securepubads.g.doubleclick.net a.pub.network
securepubads.g.doubleclick.net
imasdk.googleapis.com
6 nodejs.turtlediary.com www.turtlediary.com
nodejs.turtlediary.com
5 pm.w55c.net 5 redirects
5 rtb.openx.net 1 redirects a.pub.network
freestar-d.openx.net
5 www.google-analytics.com www.turtlediary.com
www.google-analytics.com
www.googletagmanager.com
4 idsync.rlcdn.com 2 redirects www.turtlediary.com
4 pixel-sync.sitescout.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 b1sync.zemanta.com 3 redirects ads.pubmatic.com
4 sync.targeting.unrulymedia.com 4 redirects
4 ad.turn.com 4 redirects
4 optimise.net a.pub.network
3 image4.pubmatic.com 2 redirects ads.pubmatic.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 cms.quantserve.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 csync.loopme.me 3 redirects
3 secure.adnxs.com 3 redirects
3 jp-u.openx.net google-bidout-d.openx.net
freestar-d.openx.net
3 id5-sync.com cdn.id5-sync.com
live.primis.tech
3 tlx.3lift.com a.pub.network
3 grid.bidswitch.net a.pub.network
3 prebid.media.net a.pub.network
3 api.btloader.com freestar-io.videoplayerhub.com
3 sb.scorecardresearch.com 1 redirects a.pub.network
www.turtlediary.com
3 fronttoad.com a.pub.network
fronttoad.com
3 cdnjs.cloudflare.com www.turtlediary.com
2 csi.gstatic.com imasdk.googleapis.com
2 capi.connatix.com 1 redirects www.turtlediary.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 i.liadm.com 2 redirects
2 eus.rubiconproject.com live.primis.tech
eus.rubiconproject.com
2 openx2-match.dotomi.com 2 redirects
2 creativecdn.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 s0.2mdn.net ce.lijit.com
imasdk.googleapis.com
2 pippio.com 2 redirects
2 usermatch.targeting.unrulymedia.com 2 redirects
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 triplelift-match.dotomi.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 tr.blismedia.com 1 redirects freestar-d.openx.net
2 sync-pm.ads.yieldmo.com ads.yieldmo.com
ads.pubmatic.com
2 image8.pubmatic.com 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
www.turtlediary.com
2 pubmatic-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 dps.jp.cinarra.com ads.pubmatic.com
freestar-d.openx.net
2 cm.adgrx.com 2 redirects
2 t.adx.opera.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 dis.criteo.com ads.pubmatic.com
eb2.3lift.com
2 a.sportradarserving.com 2 redirects
2 hbopenbid.pubmatic.com live.primis.tech
2 mb9eo.publishers.tremorhub.com 2 redirects
2 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
2 sync.smartadserver.com 1 redirects www.turtlediary.com
2 pixel.quantserve.com www.turtlediary.com
2 a.ad.gt cdn.hadronid.net
p.ad.gt
2 cr-p3.ladsp.com 2 redirects
2 oajs.openx.net 1 redirects www.turtlediary.com
2 gum.criteo.com a.pub.network
2 ad-delivery.net www.turtlediary.com
2 api.intentiq.com a.pub.network
live.primis.tech
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.turtlediary.com
live.primis.tech
1 sync.resetdigital.co 1 redirects
1 lb.eu-1-id5-sync.com live.primis.tech
1 rtb.gumgum.com a.pub.network
1 hb.yahoo.net www.turtlediary.com
1 aax-eu.amazon-adsystem.com www.turtlediary.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 i6.liadm.com ssum-sec.casalemedia.com
1 ssbsync.smartadserver.com www.turtlediary.com
1 js-sec.indexww.com live.primis.tech
1 pagead2.googlesyndication.com imasdk.googleapis.com
1 i.w55c.net 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 sync.springserve.com ce.lijit.com
1 cs.krushmedia.com 1 redirects
1 bh.contextweb.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 data.adsrvr.org 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 p.rfihub.com 1 redirects
1 c.bing.com eb2.3lift.com
1 sync.ipredictive.com 1 redirects
1 bk.r-ad.ne.jp 1 redirects
1 bttrack.com www.turtlediary.com
1 s.ad.smaato.net 1 redirects
1 freestar-d.openx.net a.pub.network
1 acdn.adnxs.com a.pub.network
1 d.adroll.com ssum-sec.casalemedia.com
1 core.iprom.net ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
freestar-d.openx.net
1 gocm.c.appier.net 1 redirects
1 cm.ambientdsp.com 1 redirects
1 htlb.casalemedia.com live.primis.tech
1 rtb.primis.tech live.primis.tech
1 prebid-server.rubiconproject.com live.primis.tech
1 cm.adform.net www.turtlediary.com
1 ssbsync-global.smartadserver.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 cs.media.net 1 redirects
1 u.openx.net 1 redirects
1 pixels.ad.gt p.ad.gt
1 sync.go.sonobi.com 1 redirects
1 p.ad.gt a.ad.gt
1 1652a92e08b530b0cf1938630f75d069.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 tg.socdm.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 secure.quantserve.com a.pub.network
1 ad.doubleclick.net www.turtlediary.com
1 sync1.intentiq.com www.turtlediary.com
1 cdn.hadronid.net a.pub.network
1 static.adsafeprotected.com www.turtlediary.com
1 btloader.com www.turtlediary.com
1 freestar-io.videoplayerhub.com 1 redirects
1 d.pub.network www.turtlediary.com
1 code.jquery.com www.turtlediary.com
1 ajax.googleapis.com www.turtlediary.com
1 www.googletagmanager.com www.turtlediary.com
0 1f2e7.v.fwmrm.net Failed ssum-sec.casalemedia.com
0 api.rlcdn.com Failed live.primis.tech
0 match.rundsp.com Failed us-u.openx.net
0 cs.nex8.net Failed freestar-d.openx.net
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
463 180
Subject Issuer Validity Valid
*.turtlediary.com
Amazon RSA 2048 M03		 2023-10-24 -
2024-11-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
d.pub.network
GTS CA 1D4		 2023-10-07 -
2024-01-05		 3 months crt.sh
fronttoad.com
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
optimise.net
GTS CA 1D4		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2023-09-24 -
2024-10-22		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
s2s.t13.io
GTS CA 1D4		 2023-11-12 -
2024-02-10		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M03		 2023-08-14 -
2024-09-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-28		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-09-23 -
2024-10-20		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
c.pub.network
GTS CA 1D4		 2023-10-06 -
2024-01-04		 3 months crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-09-07 -
2023-12-06		 3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M03		 2023-10-09 -
2024-11-07		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2023-09-09 -
2024-10-07		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh

This page contains 58 frames:

Primary Page: https://www.turtlediary.com/
Frame ID: C95252588ADD987DB9797E4F2BD36489
Requests: 212 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1E03E9B68EB32E46DE4E6A24672110B0
Requests: 6 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1700783565&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1700783565&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 563F487E08D1FA0B47B76129E71338D6
Requests: 47 HTTP requests in this frame

Frame: https://1652a92e08b530b0cf1938630f75d069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 847A9609383D853B7A91019574CD3346
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Frame ID: 2C7060F25EC6E7C831ED473F605F498A
Requests: 17 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=5ae7fe55-3689-4faf-8e44-4f64b5159078
Frame ID: 0B3B0DD7E915BC2377FB1D290F100DC9
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: AADC81CF1AC174E4F7015EDFD41FB923
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4572801297682017392&gdpr=0&gdpr_consent=
Frame ID: 53CD410797890BD32E606BEB3D5D15CB
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f958b8ca-fc9a-4181-9fe9-ebc3226aedb7&ssp=pubmatic
Frame ID: 30B450C5C16C96B54650857C52FD72F6
Requests: 1 HTTP requests in this frame

Frame: https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Frame ID: 21B93E0217E90F5D6D7DFC881EEAA051
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZV-lzwAB4Qvx7QBd
Frame ID: 6F420231B78FBF1AD44F7D44331B2AF3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=R1656BRe7-tcW-65Rw6h60Ff77pcCbS5Elm7vgzj
Frame ID: BB4708818318ACBC40B2CA8B73DA84E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ga5di2cane
Frame ID: 331AA959954323CCF2A606F2F300F679
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Frame ID: BDD44D5BEFED40FBBD233A5B68B991CD
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: D44920FB708885E7DE618FCBD61248A2
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 62EB2B40EE42E3C9A42CB5574AE3D08D
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2C74B10A52E658482174D954D8FF065D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=ff1ad6d7302d4690986ab88eaa6f6463
Frame ID: D11E26492E7FF029A8A67546EB27641F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1d80bda0d2304619906361725033a9c6
Frame ID: E713E3CD2CFC5B3F826EBA77742C2B91
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HHqbwVdtDV6mwmv-z-VfZQ
Frame ID: 123E99CE76E9C391581A33BFA4BE6696
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=680f874e-8a5b-11ee-b797-8b289c061b88
Frame ID: 62E733393C2F4F7708083B87C04C880F
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: A76B779A2CB56A7891EF2F46812504A3
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=0A657C5F-D245-45A8-9BC1-CB8389B02520
Frame ID: 4DE472EDB748366E821325D78460855B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A2DC76AD7645E1A260D7AB7DBFE9E210
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 9F409FAD1CC85AE4BD62B2D2BC8A9EFE
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 39A8BF6B5F3A22BA99AD3D261C6E758F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: EE429332B7F4154B36648BADE0834C5C
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Frame ID: 9030487B52DBB93677C5FD6E4CE29DF0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 97247181CA7A86BE5FC5C968A616C538
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2822F28085668635FB2A6D0FEF3ADFC7
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5D79FB4B3FB8332ECA21E33871417F6E
Requests: 11 HTTP requests in this frame

Frame: https://freestar-d.openx.net/w/1.0/pd
Frame ID: 66B59B47A4FC21DFA455F1D1578226F9
Requests: 11 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13388523
Frame ID: D06EA3FF6415CC556AAD0B2BACA53F19
Requests: 21 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 0DF3211DD0EA5941AB33A9729359BD0F
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 6A48D37CC537284197E478518F2E5A84
Requests: 4 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 76F24041DFBA939B515D4B1B728BEDDD
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent=
Frame ID: 99BB827E08B49FA1869246599BB4B9D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OkHa2n9z1R6jv35&gdpr=0&gdpr_consent=
Frame ID: 5FC6FC09CDF267DFA9D3280E6ACA0F1E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054394973408202
Frame ID: 0C89167142F323A9A5B58E60A18A0E36
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=97&3pid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
Frame ID: F543E81AD6FF8DA1AB7DDF766011D922
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent=
Frame ID: FE95A7724285C509B1D3B36DBBBC2F19
Requests: 1 HTTP requests in this frame

Frame: https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Frame ID: C4E7C72DBA13BCF246C33D3AEFA9CCC0
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: CC14C966968CD3CF99B6A6CEDEF2FF73
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 1A9DBB2838216F0E038641EDF4CE1AA7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 8AABC7EFD571F48A700C397838E560A6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: F296366BAFEF8F5F9B15E4878FE58F68
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9D80475F95535E59C4BC667C11EF2E64
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Frame ID: A648AB1AA2676664D93E42D6E2C7B983
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BBB2EC6C053D7EDA26B53A3CC0F2AFFA
Requests: 19 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E9EEA55FE051D5F0712CCE30DB5263F9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595
Frame ID: C544A0545D755B0A1F54AD215662BD95
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E3FB08471C2E0E1E0F47C9FB2CE48D6B
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 86A1044272C4A65F94AF4CB17D55F581
Requests: 1 HTTP requests in this frame

Frame: https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Frame ID: 002078F571C9A65DA77488368695B075
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Frame ID: 770E2773E935ECFEAF205B4B0D12AD11
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Frame ID: 36DAD1F80B7CC000867797953C06C66D
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Frame ID: BFE271077348C5FAAAD9D47B648EE904
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Frame ID: 60F3688774F86D601B39A92BD37FD78D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Educational Games | Educational Games For Kids | Turtle Diary

Page URL History Show full URLs

  1. http://www.turtlediary.com/ HTTP 301
    https://www.turtlediary.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

463
Requests

71 %
HTTPS

0 %
IPv6

108
Domains

180
Subdomains

109
IPs

13
Countries

6055 kB
Transfer

11204 kB
Size

211
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.turtlediary.com/ HTTP 301
    https://www.turtlediary.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700783563930&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700783563930&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&c9=
Request Chain 69
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 78
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=758179&iiqidtype=2&iiqpcid=a3925b35-2c07-4c41-8b27-2674e680b371&iiqpciddate=1700783564739&tsrnd=851_1700783564739&vrref=www.turtlediary.com&jsver=5.4&abtp=95&abtg=A HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=758179&iiqidtype=2&iiqpcid=a3925b35-2c07-4c41-8b27-2674e680b371&iiqpciddate=1700783564739&tsrnd=851_1700783564739&vrref=www.turtlediary.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=BtXZLGESFI&nc=false&trid=347425782
Request Chain 99
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp&cc=1
Request Chain 135
  • https://match.adsrvr.org/track/cmf/openx?oxid=ad4218e5-7acf-775c-ca21-d947595dd36d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=26f23103-179c-4aa3-bd2c-21572cdcc184&ttd_puid=ad4218e5-7acf-775c-ca21-d947595dd36d&gdpr=0&gdpr_consent=
Request Chain 136
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZV-lzcCo8XgAALbROUgAAAAA
Request Chain 137
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AcTLqXuvel_rks8AD7MPFmD6L88AAAGL_pmrVA
Request Chain 138
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEyZGNiMmYtYjNiOC0yOWY4LWRmYzEtODNmZTkzYmYxZDBk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEyZGNiMmYtYjNiOC0yOWY4LWRmYzEtODNmZTkzYmYxZDBk&google_tc=
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQCWrk5cZV42cMZs7d8FdQ&google_cver=1
Request Chain 158
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&adnxs_id=$UID&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&adnxs_id=4572801297682017392&gdpr=0
Request Chain 159
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001700783566-T2QATTFP-8DA1&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=26f23103-179c-4aa3-bd2c-21572cdcc184&id=AU1D-0100-001700783566-T2QATTFP-8DA1
Request Chain 160
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001700783566-T2QATTFP-8DA1 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001700783566-T2QATTFP-8DA1 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=0A657C5F-D245-45A8-9BC1-CB8389B02520&id=AU1D-0100-001700783566-T2QATTFP-8DA1
Request Chain 162
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001700783566-T2QATTFP-8DA1&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001700783566-T2QATTFP-8DA1%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001700783566-T2QATTFP-8DA1&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001700783566-T2QATTFP-8DA1%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001700783566-T2QATTFP-8DA1%252526tapad_id%25253D2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=26f23103-179c-4aa3-bd2c-21572cdcc184&ttd_puid=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001700783566-T2QATTFP-8DA1%2526tapad_id%253D2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&tapad_id=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001700783566-T2QATTFP-8DA1 HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&google_gid=CAESEG21Wrx2SiV7S46niEE27as&google_cver=1&google_ula=450542624,0
Request Chain 164
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001700783566-T2QATTFP-8DA1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMDc4MzU2Ni1UMlFBVFRGUC04REEx
Request Chain 166
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001700783566-T2QATTFP-8DA1%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&sas_uid=[sas_uid]&gdpr=0&cklb=1
Request Chain 167
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&uid=3424a288-8de4-49d9-b442-47038e9ba8a0&gdpr=0
Request Chain 220
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=5ae7fe55-3689-4faf-8e44-4f64b5159078 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=5ae7fe55-3689-4faf-8e44-4f64b5159078
Request Chain 225
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=3cc72092-cbe6-47a1-a4f7-0360898fc560&google_hm=M2NjNzIwOTItY2JlNi00N2ExLWE0ZjctMDM2MDg5OGZjNTYw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHc25xBb2AFVZofldoRsqes&google_cver=1&ssp=sekindo&bsw_param=3cc72092-cbe6-47a1-a4f7-0360898fc560
Request Chain 226
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=8dbad5b6-2f99-471c-876c-6c700708221d&gdpr_consent=null&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=8dbad5b6-2f99-471c-876c-6c700708221d
Request Chain 227
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZV-lzhynmEB9jLIUcQ17wgAA%264705
Request Chain 228
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=4432233494926843335826 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4432233494926843335826
Request Chain 229
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPBUMEW9-N-2Z93&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPBUMEW9-N-2Z93
Request Chain 230
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-2dFoKitE2uKnZjrS2J7UtwiLvg.jkVfb~A HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-2dFoKitE2uKnZjrS2J7UtwiLvg.jkVfb~A
Request Chain 231
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=490ae67b0c49450a8be7b274506cf215 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=490ae67b0c49450a8be7b274506cf215
Request Chain 232
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=655fe5cd86b79&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3437851672889994000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3437851672889994000V10
Request Chain 233
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=HtPYCBZHK455dcM8RgS60SKz HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=HtPYCBZHK455dcM8RgS60SKz
Request Chain 234
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=194134d25b8e7f49e6297c71ab29890&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=194134d25b8e7f49e6297c71ab29890
Request Chain 235
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=31abebff-afd5-4662-a348-a6b399a78fbb HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=31abebff-afd5-4662-a348-a6b399a78fbb
Request Chain 236
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=8367014382429034701 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=8367014382429034701
Request Chain 238
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=93b9f0fb-9ff4-4e23-914c-3da2902f1b41&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=93b9f0fb-9ff4-4e23-914c-3da2902f1b41
Request Chain 239
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1700783567847 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7006105378 HTTP 302
  • https://sync.1rx.io/usersync/turn/3845728713393831377?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-38d097bd-d4ec-4a21-af4c-64c777d98054-004 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
Request Chain 254
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4572801297682017392&gdpr=0&gdpr_consent=
Request Chain 255
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f958b8ca-fc9a-4181-9fe9-ebc3226aedb7&ssp=pubmatic
Request Chain 256
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/pubmatic/?gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2 HTTP 302
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2?gdpr=0 HTTP 301
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Request Chain 257
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZV-lzwAB4Qvx7QBd
Request Chain 258
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=R1656BRe7-tcW-65Rw6h60Ff77pcCbS5Elm7vgzj
Request Chain 259
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ga5di2cane
Request Chain 260
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Request Chain 264
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=ff1ad6d7302d4690986ab88eaa6f6463
Request Chain 265
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1d80bda0d2304619906361725033a9c6
Request Chain 266
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HHqbwVdtDV6mwmv-z-VfZQ
Request Chain 267
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=680f874e-8a5b-11ee-b797-8b289c061b88
Request Chain 270
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 273
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 274
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=0A657C5F-D245-45A8-9BC1-CB8389B02520 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CmV8X9JFRaibwcuDibAlIA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 276
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0A657C5F-D245-45A8-9BC1-CB8389B02520 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4572801297682017392&pt=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%2C%2C
Request Chain 278
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0A657C5F-D245-45A8-9BC1-CB8389B02520&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0A657C5F-D245-45A8-9BC1-CB8389B02520&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEE2NTdDNUYtRDI0NS00NUE4LTlCQzEtQ0I4Mzg5QjAyNTIw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHZEqQEqOHomDxQiwRVfEkA&google_cver=1
Request Chain 283
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
Request Chain 284
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0A657C5F-D245-45A8-9BC1-CB8389B02520&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Oy3DkWFE2uVqTGFmDF.xEFKjdLvtKSk-~A&gdpr=0
Request Chain 285
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3917786307431759313&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 286
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8162966499268527634
Request Chain 287
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=651c137dd9e9228f&is_secure=true&networkId=17100&version=1&nuid=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRxyfTNiCQwMUWD68AAAAAAA&expiration=1700869968&nuid=0A657C5F-D245-45A8-9BC1-CB8389B02520&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 292
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&expiration=1703375567&gdpr=0&gdpr_consent=
Request Chain 293
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZV-lzhynmEB9jLIUcQ17wgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM26JBjvhHgHfigS0TNQwfM&google_cver=1
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECNkwQohI6FuesB2sO3KDqk&google_cver=1
Request Chain 295
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 296
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8dbad5b6-2f99-471c-876c-6c700708221d&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 297
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3989843901469687249
Request Chain 298
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZV-lzwAB4Qvx7QBd
Request Chain 310
  • https://ap.lijit.com/beacon?informer=13388523 HTTP 301
  • https://ce.lijit.com/beacon?informer=13388523
Request Chain 312
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID&gpp=&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=dd89a05fcd
Request Chain 314
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
Request Chain 317
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LPBUMEW9-N-2Z93
Request Chain 319
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=26f23103-179c-4aa3-bd2c-21572cdcc184&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 320
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQzMjIzMzQ5NDkyNjg0MzMzNTgyNg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKKFgAjLRat0-NwxqLkBHpw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 322
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQzMjIzMzQ5NDkyNjg0MzMzNTgyNg%3D%3D
Request Chain 324
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4432233494926843335826?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-6Cp5MTRE2oR7UEQBMmQPAYvLlzHgkRkmUU31sGp91A--~A&dongle=0883
Request Chain 325
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4432233494926843335826&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8162966499268527634&ssp=triplelift
Request Chain 327
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4572801297682017392&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEOTNAdQD_fXprPjrGmHstjs&google_cver=1
Request Chain 330
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4905060574 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/26f23103-179c-4aa3-bd2c-21572cdcc184 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-38d097bd-d4ec-4a21-af4c-64c777d98054-004 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
Request Chain 331
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3F3zVVV880Vliqozf89s HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=26f23103-179c-4aa3-bd2c-21572cdcc184
Request Chain 333
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D0A657C5F-D245-45A8-9BC1-CB8389B02520%26gdpr%3D-1%26gdpr_consent%3D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=-1&gdpr_consent=
Request Chain 334
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZV-lzwAB4Qvx7QBd
Request Chain 336
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57UNqn00SBDAK0071rTO
Request Chain 338
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Request Chain 341
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=chSS2dNJznIsVZXwikTp1w==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 343
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3845728713393831377&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 350
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&dongle=4430
Request Chain 351
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=7b764684-b67a-4f5c-9051-193487fa428c&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 355
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AALSuk7Kv8wAABNtGnu10g&dongle=bzwx&gdpr=0
Request Chain 356
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=5278ed04e7ab1ff2&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAALWW9tLGsnfwMMO0CzAAAAAAA&expiration=1700869969&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 357
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553%26partner_url%3Dhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3646%2526xuid%253D3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553%2526dongle%253D1fa5%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&partner_url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3646%26xuid%3D3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553%26dongle%3D1fa5%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 363
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OkHa2n9z1R6jv35&gdpr=0&gdpr_consent=
Request Chain 364
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054394973408202
Request Chain 365
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=3113068329 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-aa0bQopE2oVqEGh3ta1Hej7cnaX2kjA_1IDj~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-aa0bQopE2oVqEGh3ta1Hej7cnaX2kjA_1IDj~A HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-38d097bd-d4ec-4a21-af4c-64c777d98054-004 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
Request Chain 366
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:ADA818C615014749BAEDB02F63B36160&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D0A657C5F-D245-45A8-9BC1-CB8389B02520%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent=
Request Chain 368
  • https://idsync.rlcdn.com/420486.gif?partner_uid=0A657C5F-D245-45A8-9BC1-CB8389B02520 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDBBNjU3QzVGLUQyNDUtNDVBOC05QkMxLUNCODM4OUIwMjUyMBAAGg0I0cv_qgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d6c7d6dd8392dd745264e49867dca9a36d02a0e81f8514253eb7bdb62e9cf8bc791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkNmM3ZDZkZDgzOTJkZDc0NTI2NGU0OTg2N2RjYTlhMzZkMDJhMGU4MWY4NTE0MjUzZWI3YmRiNjJlOWNmOGJjNzkxNDI2YjU0MTdkY2UyMRAAGgwI0cv_qgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkNmM3ZDZkZDgzOTJkZDc0NTI2NGU0OTg2N2RjYTlhMzZkMDJhMGU4MWY4NTE0MjUzZWI3YmRiNjJlOWNmOGJjNzkxNDI2YjU0MTdkY2UyMRAAGgwI0cv_qgYSBAgCEABCAEoA&google_gid=CAESEKTXoa0aDPuSQcRxfMbVHcE&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=9aaee305-ea32-4b02-858e-807882080c4d
Request Chain 369
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
Request Chain 370
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPBUMEW9-N-2Z93&gdpr=0
Request Chain 371
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=4572801297682017392&gdpr=0&gdpr_consent=
Request Chain 372
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=655FE5D049CB44C07671CAA8BLIS&gdpr=0&gdpr_consent= HTTP 301
  • https://ce.lijit.com/merge?pid=94&3pid=655FE5D049CB44C07671CAA8BLIS&gdpr=0&gdpr_consent=
Request Chain 373
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHRQWUNCWkhLNDU1ZGNNOFJnUzYwU0t6&gdpr=0
Request Chain 374
  • https://um.simpli.fi/lj_match?r=1700783569303&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=ADA818C615014749BAEDB02F63B36160
Request Chain 375
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SHRQWUNCWkhLNDU1ZGNNOFJnUzYwU0t6&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 376
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dfmx%26bsw_param%3D3cc72092-cbe6-47a1-a4f7-0360898fc560 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dfmx%26bsw_param%3D3cc72092-cbe6-47a1-a4f7-0360898fc560 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=aS0SQE7z1R6jv35&expires=30&ssp=fmx&bsw_param=3cc72092-cbe6-47a1-a4f7-0360898fc560
Request Chain 377
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=6216170040 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-aa0bQopE2oVqEGh3ta1Hej7cnaX2kjA_1IDj~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-aa0bQopE2oVqEGh3ta1Hej7cnaX2kjA_1IDj~A HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-38d097bd-d4ec-4a21-af4c-64c777d98054-004 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
Request Chain 378
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU1d80bda0d2304619906361725033a9c6&gdpr=0&gdpr_consent=&pid=102
Request Chain 379
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=734eaab9-5b63-4bd3-b8a5-e9a06bc8b07b
Request Chain 380
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&gdpr=0&gdpr_consent=
Request Chain 381
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?3pid=AAP3Yk7Kv8wAABQKlSZKBA&pid=85&gdpr=0
Request Chain 382
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=yiiqhoNVUZq6&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 383
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.springserve.com/usersync?aid=1917&uuid=cd6484de-d7fb-4a4e-93e2-1a8fbf64cfc4
Request Chain 384
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=gTyfWo91to-gjHH_iK7qZMecdi4pHV-sk3fmoGs8F0k&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 386
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HtPYCBZHK455dcM8RgS60SKz&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:85944e7351e7baf3b71e9d4f972feb09
Request Chain 387
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=vqAC3u2gVN2lpVWPvvAa3bihVIyl9w-P66eTmrpM
Request Chain 388
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LPBUMEW9-N-2Z93&gdpr=0
Request Chain 394
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=c5dbc61d2c1fd1&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALTbYYFojr7QMk6OHPAAAAAAA&expiration=1700869970&nuid={OX_USER_ID}&is_secure=true
Request Chain 396
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=ADA818C615014749BAEDB02F63B36160
Request Chain 399
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=REtXCVuJ1R6jv35
Request Chain 407
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=4572801297682017392
Request Chain 408
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=0A657C5F-D245-45A8-9BC1-CB8389B02520 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Request Chain 416
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
Request Chain 418
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBUMEW9-N-2Z93&gdpr=0
Request Chain 425
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=808fcfab1db14105aa777fe76022241b HTTP 303
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705&gpp_sid=&us_privacy=&gpdr=
Request Chain 426
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4572801297682017392
Request Chain 428
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAP3Yk7Kv8wAABQKlSZKBA&expiration=1701993170
Request Chain 429
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=S5hfSRiYCUpQnQgYS8hHSk2ZCRtQz1IYHp-_x3_V
Request Chain 430
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Request Chain 431
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705
Request Chain 432
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=194134d25b8e7f49e6297c71ab29890&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gdpr=0&gdpr_consent=
Request Chain 434
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBCVU1FVzktTi0yWjkz HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELFgyQ9bG0wnVbp2ZV4CbG0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCVU1FVzktTi0yWjkz&google_push=
Request Chain 435
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPBUMEW9-N-2Z93
Request Chain 436
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECkg4HBpnxPtU35BjMVB0AA&google_cver=1
Request Chain 437
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NOH3katHnbsx__KvaoOTgA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NjBGbQxE2oIoxjToY_HX2TTxW_8LQtcHNSTpgA--~A
Request Chain 438
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M6Xqy3_vRzGA8pJWTWEA0w&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M6Xqy3_vRzGA8pJWTWEA0w
Request Chain 439
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=&expires=30
Request Chain 440
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPBUMEW9-N-2Z93&ex=d-rubiconproject.com&status=ok
Request Chain 442
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGU1Nzc0OWY3OTUyODdjZTQ4OWVmNDQzOGIyNTliZGQxOTJmMzA0NQ
Request Chain 443
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAP3Yk7Kv8wAABQKlSZKBA&expires=30
Request Chain 444
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPBUMEW9-N-2Z93&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPBUMEW9-N-2Z93&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 445
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPBUMEW9-N-2Z93&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPBUMEW9-N-2Z93&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1PRWFxNXRKRTJ1RkVXbExYLlZLZzl4Slozd2dQazVvU35B&ovsid=LPBUMEW9-N-2Z93&dpid=58160
Request Chain 446
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPBUMEW9-N-2Z93
Request Chain 447
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBUMEW9-N-2Z93
Request Chain 448
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPBUMEW9-N-2Z93
Request Chain 449
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPBUMEW9-N-2Z93
Request Chain 453
  • https://sync.resetdigital.co/csync?pid=rubicon&puid={Publisher%20UID}&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dresetdigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24USER_ID HTTP 302
  • https://s2s.t13.io/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=0000011E43D78C23

463 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.turtlediary.com/
Redirect Chain
  • http://www.turtlediary.com/
  • https://www.turtlediary.com/
173 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
c6aafa40c0301e6e21601208fcb1e87a61acaa1da0cc62711e2d4fbcf5bd82cf
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-headers
Accept, Authorization, Origin, Content-Type
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
access-control-allow-origin
*
age
19184
content-encoding
gzip
content-length
28991
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 18:32:58 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
vary
Accept-Encoding
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-id
-FXAlnC6p6Sn6asybWtGcuxLloU54sIVdwtdvcgYfWFlWGI5etlIYw==
x-amz-cf-pop
SYD62-P1
x-cache
Hit from cloudfront
x-frame-options
allow-from SAMEORIGIN
x-powered-by
PHP/7.4.14

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Thu, 23 Nov 2023 23:52:42 GMT
Location
https://www.turtlediary.com/
Server
CloudFront
Vary
Origin
Via
1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Ig6DqD-sZa0Buw8FVMKw8GeB3UeXaT-FIR0RlP-e4_4fqOshDLIDHA==
X-Amz-Cf-Pop
SYD62-P1
X-Cache
Redirect from cloudfront
/
www.turtlediary.com/min/ 		272 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
81210e7ce6c6033375740aea23a5844dec8a611027f6bb3b7c44d1fdebe3a4ec
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 20:53:01 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
10781
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
44294
last-modified
Thu, 16 Nov 2023 07:34:22 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1700120062;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
Vsu3K4BB2Bcmqv5Q_tAypVI-AJ8RpmULD_6zRdPwU6qqweXnPVY60g==
expires
Fri, 24 Nov 2023 20:53:00 GMT
css2
fonts.googleapis.com/ 		8 KB
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Dosis:wght@200;300;400;500;600;700;800&display=swap&v=?ver=59.32
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
3988cd2abb8e7c863fa05d202933cb13ed0fbf32efbf30188312375cb85e930f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 23:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 23:29:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 23:52:42 GMT
js
www.googletagmanager.com/gtag/ 		285 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W1C8HMBE0D
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
26d05bbbc6161e973f251434c2e9888b7c1a5d465a8a6850d3caaf987cbf7510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95151
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 23:52:44 GMT
td-logo-3.webp
cdn.turtlediary.com/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/td-logo-3.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bad4155111cfa8d146fe8dcdcf3935651d730dfd8fc67550c14f8ae8fe41bb69

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
2sUMdTA_FDT2HqmxWnlmGyu7yYWYqo1T
date
Thu, 23 Nov 2023 00:36:47 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
83756
etag
"1bf86a227e34fd0e168e424f076f3a28"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2870
x-amz-cf-id
vUqZErFmadCr_Qh-Gj8KzrVabJhsOq8J2uuj3J6p91YpZX9zVG_jiA==
assignment.webp
media.turtlediary.com/homepage/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/homepage/assignment.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4a9c7e802b59da407d928f885788fca893d1e025169c9c2e32806143c23fdc0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
y1.UAig00LON3aL4HQFyL0kg4vkg4EbJ
date
Thu, 23 Nov 2023 00:53:29 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
82769
etag
"3cbbd4a0ded33d4e7975634452871130"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2272
x-amz-cf-id
FrwfN5xgemhEL85cuUlVpQWJcvLbF8EYAPllYG8ETP4e1hOpSwX8tw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:58:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 10:58:34 GMT
positionscroll2.js
www.turtlediary.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/js/positionscroll2.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
9c5eab6657a64c3738f572154f23d884c4d15da744a4eea7f6cc0d4a942d2bd9
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:56:57 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
662145
x-cache
Hit from cloudfront
content-length
2711
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
OSPz30KK3xJfdt8EZX7TfirgdShdXU8wapGTwJHihCvYeP82oMes8w==
expires
Thu, 23 Nov 2023 07:56:57 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
183215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1541
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7MLa%2B2eo5725lCSc8kqOREE9lhcn%2FQmdbIk%2BjLEpqbIXEItDFhTg%2BUiczXHf%2F%2F7MJYNCgACq2Pd%2Bn8ss%2F6lKq%2FlrnOFjm8jbu6bIGPh7cx%2BzAcBbgDUFXk8LaZfqn%2FHgUMx340L"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82ad53d60f905c05-SYD
expires
Tue, 12 Nov 2024 23:52:43 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
183183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27139
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15145"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKUn7YWFWSYAQmw2ks%2BFwsGCJvg3Q8lKzUX8lsNdkJnNAP5H4FbA47QReDp4bI6fczGu2lOVIFgWbCOm82yLh%2FzyCxhOFkWGYNsPiJ14nnlQSF3U06NZKJU%2FTiflzuu0ZLv12loT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82ad53d60f925c05-SYD
expires
Tue, 12 Nov 2024 23:52:43 GMT
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
183215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1399
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmoSFbbREVQ5QuOM1YFVMrwW%2BIHkU0bHQOqWksXP5u%2B8%2BtJ9fDzLvcqMcu1mxMauAyFreH7uZ4e7cZXje5nqCou52vv91MtdPHrvxEsua6CGER4pWu0gHSvMUGosOIMs6URStSJ2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82ad53d62fb85c05-SYD
expires
Tue, 12 Nov 2024 23:52:43 GMT
adv-rt-img.webp
media.turtlediary.com/homepage/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/homepage/adv-rt-img.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c561d7fffec8bd07961d6d60c7be2d27f6898d162b603329254f6dcef7394d53

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
u6PLcvIPylJwCAka00RUmK9URXMKr099
date
Thu, 23 Nov 2023 21:39:38 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
10782
etag
"244065c3ea0b6b8f7862858e45233ce8"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
6096
x-amz-cf-id
_8eW0YhlMzRsyPWcRinL_WTeTf-3uBA82ObpVDJqA3NFXOcHPCsQ1w==
adv-lft-img.webp
media.turtlediary.com/homepage/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/homepage/adv-lft-img.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35981b6766cb407cfcff7271ceff3057e9ad15da9a56bf9cac2dfe5bb9f5cf47

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:08:31 GMT
x-amz-version-id
5e3049gEVsB9kdwTE.GuO2lds.vM7Shm
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
74653
etag
"b5a2d3d4e5a802c50f5d35e31c77442a"
vary
Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
6568
x-amz-cf-id
FOEXpBBgtv1C4N5CiK90nwaWpKU7bFrgUGLHCYaht-mKqQpxACLzwQ==
car-race-multiplayer-th.webp
media.turtlediary.com/games/span/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/car-race-multiplayer-th.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2531c060499a31d29528942642ecaf731ca7d26f8c2ffe3b9aba20f79a51419

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
dZeLjLivMnqLNL69h8CtqjkB9CkM2Z4l
date
Thu, 23 Nov 2023 06:09:10 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:19 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
63814
etag
"94cabeea6c460450113a6f1b19a56155"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5200
x-amz-cf-id
w9ErUnO_ifJc8JySi-3nTUSHuGv4moO6b22znh5xGlHkAws7lFc_6w==
plyThumbOn.webp
media.turtlediary.com/homepage/ 		940 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/homepage/plyThumbOn.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5ee1ee672866c689ca31e8c8ed157d602f67f0e25125cadebff402152a5f0e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
yOkKWrOJAheBdk00cgu2C.K4WV1hNiD3
date
Thu, 23 Nov 2023 13:32:05 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
37238
etag
"021c8a7abb4f42a3f492f1c8c260aa86"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
940
x-amz-cf-id
YIKYhD2K0iaEbzTMwNW4AbWuPT7XLTMd0TbdIhkZBtH4IsagUUyqqw==
basketball.webp
media.turtlediary.com/games/span/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/basketball.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfb95277447e40b12c0841ece47ecc7b56e0e596e2ba986c31fb09db7d76c844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
vADIfdDz.ibrIrGEB9iCjN3OLlLLcw7Q
date
Thu, 23 Nov 2023 19:45:23 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
14840
etag
"c6d91cf51d7019bba904fa99d3ce442b"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5382
x-amz-cf-id
aAWPmUoHhvWBuBqoHTO9CnhR2UCkaRnAPbBvqHQXxxMRfkVCPO1x4w==
ninja-car-race-multiplayer.webp
media.turtlediary.com/games/span/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/ninja-car-race-multiplayer.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92033b58253abb0529325a307ee85442a1fdea546a274288480595391784a510

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
JwFMk3Bl0Vc3ZwhRtzP8KmqjMCd9N8GD
date
Thu, 23 Nov 2023 20:44:35 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:49 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
11944
etag
"fe03d8ba7054ce8e1811d321f2441dfd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
3734
x-amz-cf-id
OJh2MsjCBPxQ_hFX4jns_d7Hm6NP-277PcxBl54UGIor02Z3Uo9KCw==
preschool-color-by-number.webp
media.turtlediary.com/games/span/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/preschool-color-by-number.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
781a26644f200441299dd3f071392c63fcf15cab6a77f699936866a2b9d6c883

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
V4LdJO9S2eAepykZyZYWLioeOZxVKBRM
date
Thu, 23 Nov 2023 06:26:25 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:52 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
62779
etag
"6f76f25371b7bb3face630e32e514f2c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
4252
x-amz-cf-id
63OVOz4HtYULnf4FB5eO8_andfk_zfen3cwDYEDNAn9tMzxEG6a0_w==
car-race-multiplayer.webp
media.turtlediary.com/games/span/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/car-race-multiplayer.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caaccf1f675a43bfcd899e0530dc1d60bab848db13170024b741abf316d02c73

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 04:01:35 GMT
x-amz-version-id
dsFvqS2pJEwQDcyFeyUxGft.8pE7kZnh
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 13:21:01 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
71469
etag
"4bef26a172f138ddac863bb5876dbcc3"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
content-length
4110
x-amz-cf-id
NBZHginYAQ8B8FwBnQQUBOGg2qUCOQJtWqFgRuC_h4IUjF_uWJ0ytg==
what-are-nouns.webp
media.turtlediary.com/games/span/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/what-are-nouns.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7f1618546c551ed350b3f5c066681e91bd17ce9f2eaf1c539f2a65cb3e1966d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
nc8VzkJQsLLgPLggmNj6b_dpam.TO2_D
date
Thu, 23 Nov 2023 06:38:08 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 06:30:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
62076
x-amz-server-side-encryption
AES256
etag
"b4b2dc6a169650419bbb597718b13974"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
content-length
5432
x-amz-cf-id
CvSOY5espxAlwPeKhIpxValQy92O2ZJ6sHelTm4oefYzF_cPoRaLRw==
balloon-typing.webp
media.turtlediary.com/games/span/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/balloon-typing.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bb3c40a43446eab98cb29c3b7981dee8aa8be1be445fdcbf2e50067e39e6875

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:08:31 GMT
x-amz-version-id
0mEKqrWuH.PpaGKm9oGilhaalsFWT8x_
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
74653
etag
"fba9af9799d3d59c42b757ca799186a5"
vary
Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2836
x-amz-cf-id
1wx2G7hs2vleaqNfjXs03eFDAF77dJPZZurzyIBb_wX7VhQogo2fbw==
climbing-stickman-multiplayer.webp
media.turtlediary.com/games/span/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/climbing-stickman-multiplayer.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
334416c325a77993e33c282928a7f6b05d28c54ed5aaebfc9fd1614008c81ab7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
xsb5h56vXe__eeESpTpjgYBOMcPCEWC5
date
Thu, 23 Nov 2023 20:19:30 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:19 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
12793
etag
"244d88d55c142e75a0b1bbf1fb67e191"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
7314
x-amz-cf-id
F8XySyihTbtMk0Vsdv4hcy9PIVXbpF6xUyEJ--TfUukdImHUedoaAg==
grade-4-shoot-for-metaphors-and-similes.webp
media.turtlediary.com/games/span/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/grade-4-shoot-for-metaphors-and-similes.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a915f4bd01ad242715e416ee5f0bcad56a0d7f785df6f10f1343ce4f0531265

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:08:31 GMT
x-amz-version-id
ouamcrFADw5G7ISptq.6GUDRgqHu3kmn
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:27 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
74653
etag
"125fbd189e0f55dc2e6bcadd977d94f2"
vary
Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
4556
x-amz-cf-id
qNYxF14gcO6raVBpIU53GEWvX72R9QgN44SIA9s2G7inwPWwY3sV3A==
grade-k-box-the-keys.webp
media.turtlediary.com/games/span/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/grade-k-box-the-keys.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d67b9c2184e174c895b39e925c743bf2b20c2e6bdaf908a6860a51cbfc28c5d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
rm2qTyavlV2xZYbxmqxyoZ30kewwJ_Bo
date
Thu, 23 Nov 2023 06:38:08 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:28 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
62076
etag
"2ed39dc024e46e0639237d480468bb7a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
3644
x-amz-cf-id
UPBswDNVCCoTfuJ2wQh1Cl0ohpu108NJQkX7KrBZCSZ3iQOHKzi7rQ==
candy-typing.webp
media.turtlediary.com/games/span/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/candy-typing.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5871778f6ee047af0d2aa445d97b568e374fab1f88da69e5f1041939f3474fc4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
cEsGB7VZ1a4DMgeKRLVZ6JnSfJ8.96On
date
Thu, 23 Nov 2023 21:39:38 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:19 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
10782
etag
"c400fbf3bc5459889d29a15a6b59a5e2"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
4276
x-amz-cf-id
O7Fwwd0iAa6panQGX_Et5_4wkoLMjJnyo-ijPLVzEgX1KY_1ojvWcA==
typing-ninja.webp
media.turtlediary.com/games/span/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.turtlediary.com/games/span/typing-ninja.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc8295c10eb74bfc39252e0cdb679d5652befa2123a3bafd9edf35d05338b9bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
wiyQClkdLqZP8ofuTAfJZutcczo8fWVz
date
Thu, 23 Nov 2023 21:39:38 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:46:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
10781
etag
"fd6566f214f8e1f1af1b60a065e3cd27"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2728
x-amz-cf-id
UgoJSeA9j2Lj83OH_ZfLawRncWFCeKOUhPvRge7MP_J0fn72vpq7ug==
td-logo.webp
cdn.turtlediary.com/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/td-logo.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf49e27fc683ba28a41f55094272531e6b8375d5c37e90392a671f5c551a2888

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
mHMgW7OEMz_g8NyEx9sbRhHsP_jZeo30
date
Thu, 23 Nov 2023 02:22:06 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
77438
etag
"35df5228350d00f2008ffba3da6de96c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2692
x-amz-cf-id
V2qCS6n_OSEDB3hrmzvaW6XaNT0xcBjwiQDWQ_8Uk_eqrsjxR_3t6A==
xleading-educators.webp
cdn.turtlediary.com/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/xleading-educators.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c51666dc597f3c00d8b96c9cdcea12f28b4add101103868b0df81fbaa0b069f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
4FUA0yaaaV8SYzc58VTew5TodZL9RFQN
date
Thu, 23 Nov 2023 00:52:40 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
82804
etag
"e2b76b3ca8979422326401c07af39dbb"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
3084
x-amz-cf-id
DyEpPmBZyLVI1pp6BLY-teUQfeWjxxK4Gin4sTwaMKjzBhTTH3ocZg==
gw-kids.webp
cdn.turtlediary.com/homepage/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/gw-kids.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94250919b0ff8ec072aa2503949b2aa0d54064c771413d59f9e688f4edff260d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
fgzrhKHFkhP3mWf.Ig_UbhjKeSdfDYD8
date
Thu, 23 Nov 2023 00:52:40 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
82804
etag
"9049e4fcf27efd6fc5eb8e005a58903d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2522
x-amz-cf-id
tbDYzrJQrTEJtGWcQlrz6KNhJyn97lpYxWpAV3kugs-Rb46MiPRADg==
home-school-img.webp
cdn.turtlediary.com/homepage/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/home-school-img.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdf89d1a74034d42ce15ca995a045aa9a3dac6a12209cba90445d6a0ca2368d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
RqNfQqscqg8f2GnP9FQy8OhFaKp5bGqb
date
Thu, 23 Nov 2023 02:22:06 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
77438
etag
"841cdc4243d36ce2725035ef2e60fbe7"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
1820
x-amz-cf-id
DgpJfDxumwp_NNT5vua0PE43-TlbvRsTUf9cQMH1A1PX4h4oSg0XjA==
ads-badge.webp
cdn.turtlediary.com/homepage/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/ads-badge.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc76ad27ec124c4daa115980a9bea11d31252e3f7a580b455e5578f90a2ef98d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
S753Bf1zJ0TM6kTVSGkZWozCI0Hk0J1i
date
Thu, 23 Nov 2023 01:12:23 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
81621
etag
"66bea8b05cd38d033b7b619ac5c92edc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
3032
x-amz-cf-id
d3_vGsdd6TfDkW0Lds7BAd-uiKrdDiZPwp_9etdonwEulo-vzHgPtA==
socket.io.js
nodejs.turtlediary.com/socket.io/ 		105 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/socket.io.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.198.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-198-148.compute-1.amazonaws.com
Software
/
Resource Hash
78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:43 GMT
cache-control
public, max-age=0
content-encoding
gzip
etag
"4.4.1"
content-type
application/javascript
client.js
www.turtlediary.com/js/html5/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/js/html5/client.js?v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
bd351964a6d11d6d1080c25b6d081821d598622929758e010a337bc04710a5aa
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:56:57 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
662146
x-cache
Hit from cloudfront
content-length
3170
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
PciTv6sOaIM7HoHDEl0kKUEfQVnW86oD9iA283RmfKEsSuGFdWEsBQ==
expires
Thu, 23 Nov 2023 07:56:57 GMT
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2328876
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga13628-LGA, cache-bne12521-BNE
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700783564.848335,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
39, 545901
custom.js
www.turtlediary.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/js/custom.js?v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
abb60e7cf9f019236835676934158d2c4ab822b64e56b9afa627bde68c0e4a5b
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:56:57 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
662146
x-cache
Hit from cloudfront
content-length
767
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
LQXHvOhBhQqwHJykVJA6j01Z3g21DEI5XcxAkjHC0rKQtR_GzNFn4w==
expires
Thu, 23 Nov 2023 07:56:57 GMT
/
www.turtlediary.com/min/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=tdjs&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
3df6b36b3d9ec91ec8ee170906cc6ef2f2247be1d1e715880ee5477dd38c4e37
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:07:14 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
56729
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
3598
last-modified
Thu, 16 Nov 2023 07:34:22 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1700120062;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
275-rNW2PMoJ7ndsPLUGScE1Du6S2G8nAyzbMh-Ry7PHrAbvotPn3w==
expires
Fri, 24 Nov 2023 08:07:14 GMT
/
www.turtlediary.com/min/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=jqueryjs&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:07:15 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
56728
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
33217
last-modified
Thu, 16 Nov 2023 07:34:22 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1700120062;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
zpA0MM7-prUgZJsXiTIdi9ivjlbOf6_oO6ytLMurcJo5c-QiHtH-4A==
expires
Fri, 24 Nov 2023 08:07:15 GMT
/
www.turtlediary.com/min/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=footertdjs2&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
ad6e2d53f24ebad6e0d6be3058074a91caef2453cceba2b27e4774e1c88e3afe
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:07:15 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
56728
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
2517
last-modified
Thu, 16 Nov 2023 07:34:22 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1700120062;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
OOMI7cg44tLbhG4tv2rV-7SJyuU6k5bJdZr8JQ45P9wuU9M_3mJ3QQ==
expires
Fri, 24 Nov 2023 08:07:15 GMT
/
www.turtlediary.com/min/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=footertdjs1&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
778599c0c8c1d5e2f5f9f4776c0a15f08eb09b0a3a7617f1ae9c4b05c8109b03
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:07:15 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
56728
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
15200
last-modified
Thu, 16 Nov 2023 07:34:22 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1700120062;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
noQ7askJTplZkdG53D7FrEb7XOUEwhvD5J4-1SMQEP-ubOUYcIw8Lw==
expires
Fri, 24 Nov 2023 08:07:15 GMT
/
www.turtlediary.com/min/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=footertdjs3&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
e2e1ad18cce5424b905ba2f78b3970a9f26ce651ac6c03b99d706e639d392b06
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:07:15 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
56728
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
2302
last-modified
Thu, 16 Nov 2023 07:34:22 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1700120062;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
tXLZuKtGVa7mR7ocrtkZ1O2sv2eibRzjS11SKi0hyB9_n2a7NfdGkg==
expires
Fri, 24 Nov 2023 08:07:15 GMT
/
www.turtlediary.com/min/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/min/?g=bootstrapjs&v=59.43
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n / PHP/7.4.14
Resource Hash
980c96107d8f974d249b98757877f4a51db8cf7172903fe99aba4b5466631ee1
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:07:16 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
56727
x-powered-by
PHP/7.4.14
x-cache
Hit from cloudfront
content-length
9907
last-modified
Thu, 16 Nov 2023 07:34:22 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"pub1700120062;gz"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
dRt-uA9xqyMOUVYDHzt4MDUmwnPtAM0u-XEfFKpEpsSanUX4FjyOMA==
expires
Fri, 24 Nov 2023 08:07:16 GMT
cls.css
a.pub.network/turtlediary-com/ 		1 KB
865 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/turtlediary-com/cls.css
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
123b47f66fb33ca08ec61c8066351f3ef9d04fa5ad3664ba3bddfeff59b62be9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:43 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
ABPtcPpQY3tfcwTgmC90a8NL9YujAQrH5cSPXbbZ-2OmmF4ZnRaUMvRZKUNfwhJN1hbWR45GrbDa8cvz-w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 17 Nov 2023 16:43:57 GMT
server
cloudflare
etag
W/"64d0a56263b2299822429f0b1baaa669"
vary
Accept-Encoding
x-goog-hash
crc32c=WPHuRw==, md5=ZNClYmOyKZgiQp8LG6qmaQ==
x-goog-generation
1700239436959939
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
1359
cf-ray
82ad53d6edaca959-SYD
expires
Fri, 24 Nov 2023 00:22:43 GMT
pubfig.min.js
a.pub.network/turtlediary-com/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/turtlediary-com/pubfig.min.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f77140f943fed56fd24ef6d31198c70f8d72eff3717438ea334ebebed545c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:43 GMT
content-encoding
gzip
cf-cache-status
HIT
age
184849
x-guploader-uploadid
ABPtcPoI5PKuvNVh-Zmug41mWoc0sQIfQ9wnUKclihr_P--WalLs0xrcKs7RsNtQafVED7J9BlU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 17 Nov 2023 16:43:57 GMT
server
cloudflare
etag
W/"d09794a66f1e4dbbe2deb1507e44f5cc"
vary
Accept-Encoding
x-goog-generation
1700239437309535
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=CE/1cQ==, md5=0JeUpm8eTbvi3rFQfkT1zA==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
123680
cf-ray
82ad53d8afa0a959-SYD
link
<https://d.pub.network/v2/sites/turtlediary-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires
Fri, 24 Nov 2023 00:22:43 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 23:16:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2166
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 24 Nov 2023 01:16:38 GMT
fontawesome-webfont.woff2
www.turtlediary.com/fonts/new/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/fonts/new/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

Referer
https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Origin
https://www.turtlediary.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:21:53 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
55850
x-cache
Hit from cloudfront
last-modified
Thu, 16 Nov 2023 07:34:22 GMT
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag
"10440-60a400c5efb80-gzip"
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
ZXf61E34-FyiJz6TsL6k4PlXI7lslTojFIRJQAASWn_AkrB1AbeYdw==
HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v32/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dosis/v32/HhyaU5sn9vOmLzloC_U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Dosis:wght@200;300;400;500;600;700;800&display=swap&v=?ver=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
0dcac7cabd17a67b5d09d54d506c6ed734516248e9e8552d194b1a5cf16b7722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.turtlediary.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:17:01 GMT
x-content-type-options
nosniff
age
2142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30208
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:45:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:17:01 GMT
configs
d.pub.network/v2/sites/turtlediary-com/ 		51 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/sites/turtlediary-com/configs?env=PROD
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
1248843480d9a6683a6d6c3c2f9ac80e48455d854e883d1204b7663a2f2845e2

Request headers

Referer
https://www.turtlediary.com/
Origin
https://www.turtlediary.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:43 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grades.webp
cdn.turtlediary.com/homepage/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/grades.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d037ba3209044db2ccff64a55106d5e69f4f0e4b78429fcdf1ca12936edb519e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
jLteJADQyQUHhaNu44ZBjLZrpmWFZzR9
date
Thu, 23 Nov 2023 10:34:25 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
47898
etag
"6f678c4c10d00cfb5e090fa0b0c622e4"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
198366
x-amz-cf-id
88dj8LK0oibjsNPiaIz2xvKIJOREIq_JD687OlMbrIaSWXVVXUddng==
138ee6b51dd171d212710cf13483a286c139c2.index.js
fronttoad.com/public/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fronttoad.com/public/138ee6b51dd171d212710cf13483a286c139c2.index.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/turtlediary-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.63.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
134.63.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ddb5418954db43dc55c388d48c29d73a0a03513089f6a8f09563f839fbf516e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 23 Nov 2023 23:52:44 GMT
x-datacenter
gce-asia-east1
etag
"06fd56130d11fb7b9766afb6b299e5617b098695fadf2166f25889a6f99e1cff"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-5cvp
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grass-bg.webp
cdn.turtlediary.com/homepage/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/grass-bg.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d4ee19b918d965bcd79df0e57ea9b99e928e0302a09e534a587975126f2f920

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
URdG38hH2n9lkRnBxYr.kppEjM9jmkGy
date
Thu, 23 Nov 2023 10:34:25 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
47898
etag
"485e3f7eea01b61ff832db198e1cc6c2"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
15724
x-amz-cf-id
qWb8xhkNSmbuef0jg7R-TPTMv4XZ9nagJd4JK3waS3de0uU0QajJGg==
circular-ribbon.png
cdn.turtlediary.com/homepage/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/circular-ribbon.png
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68fb114544676a7ff3da526d1c5944d17659f972759f4d6712dc03989ca078a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
xxQQIdno6HZb6Uk33F0J4K0dTZXBOvQo
date
Thu, 23 Nov 2023 10:34:26 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
47898
etag
"0ef11f5b8493c2e0b9fabbec839af632"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3706
x-amz-cf-id
JOdU8yRyoTDvMnEQ6T86iec4zK1HSANUJVAH5rqkm2xDs1PeAfzWbQ==
topics.webp
cdn.turtlediary.com/homepage/ 		218 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/topics.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d16cfa1e268735fa201c27d03314ddbcd003f3164214fa04462eb19222eed5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
DbJmoWLRGJ5NibucR3r0RsbPeA0o7BBB
date
Thu, 23 Nov 2023 22:13:55 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 10:20:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
10780
x-amz-server-side-encryption
AES256
etag
"6d6592b012a713e37cb9b4272660ce88"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
content-length
222750
x-amz-cf-id
KjqeLUnAeiE2F94w5WZ70b3D3ZLSauURGDbscArGZmEko8cnM0bwrA==
cloud-bg.png
cdn.turtlediary.com/homepage/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/cloud-bg.png
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b08eca7e48d4cdb0c939b874869d7e2f404de6328519c758e70301cffb01afd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
nttfsSB_m2oMthe44iKvB2CkAu2E0k8y
date
Thu, 23 Nov 2023 20:53:04 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
10780
etag
"1614f5d942541a6d968950211128a5de"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8464
x-amz-cf-id
L15OCqdd7DYFy9BfcOAcqvhF0TiuC6fgy9xmIJSo9u1vHk6MBrVcDQ==
ajax-loader.gif
cdn.turtlediary.com/homepage/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/ajax-loader.gif
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
.FabN2arNKFI7OWKmnCgi92t.AmYqDQJ
date
Thu, 23 Nov 2023 02:34:05 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
76719
etag
"00ef871b291bc03a497d608a5bd8ec99"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
771
x-amz-cf-id
a00YZQCMcdnr6dOim-07hSb8K5ksLi2xK9ILjx8IsFYSbMetLSqksQ==
quiz.webp
cdn.turtlediary.com/homepage/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/quiz.webp
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a2e2fb6f3fb55c6e082d8761acce94483842596ef9cbcf2792290ed07e9a314

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
jmwCsqoG9DpyXenr.ZF_L0Rs5qwTEvyP
date
Thu, 23 Nov 2023 10:34:26 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
47898
etag
"a6a5ade3a11194b609ea071259884a8b"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
26780
x-amz-cf-id
AnWeA3UASYoRo527wNH5XhhwzBkDgof8oS3htUTFJq_aE3cyGzEOLg==
subfooter_bg.png
cdn.turtlediary.com/homepage/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/subfooter_bg.png
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6935aeb7ce0d9da986f062094e9d6fe081cd13f29517c42bd770b72e551895b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
ThAs0cw6JPM6S9gHqq5mQEnGg15y325e
date
Thu, 23 Nov 2023 10:34:26 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
47898
etag
"913025bffe0fe0d37f5f806b56e5d5f4"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7048
x-amz-cf-id
YxQgpRkwm7F6Te0tOv_iLeGEBap2aWffQL_YKmAD8a3_Qo-nORRrdA==
footer-bottom-bg.png
cdn.turtlediary.com/homepage/ 		655 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/footer-bottom-bg.png
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b325dc4cc400ce5817dd28c5bfaabdce34e9e637f8a25840665055ead80d727

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
TuehOAH4W_cjS0TSfj9zos2jtKfUphRv
date
Thu, 23 Nov 2023 02:22:06 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
77438
etag
"c9964caeadc1ca933a37176af2b43499"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
655
x-amz-cf-id
WuE7dPgIBZJZsTk9mBG4pNOUC257ALhasVNc97_F44mpf1SJuTo-2Q==
footer-top-bg.png
cdn.turtlediary.com/homepage/ 		635 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/footer-top-bg.png
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82b1ac7bac4f54d30e2a421e5bc0a1e9fc338eb18acb299f0edd64462daf9cf7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
Unvhut5h9xss1xciWlM54tT3FW0RAnIt
date
Thu, 23 Nov 2023 00:36:48 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
83756
etag
"c62f2a331e72a9a86218e756c4c4801a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
635
x-amz-cf-id
TMJG70JTVz46O3waZN4Hx3XKUZcVn8QQTThGFzxBWS2TaupQ94dZpw==
g2t.turtle.png
cdn.turtlediary.com/homepage/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.turtlediary.com/homepage/g2t.turtle.png?ver=2
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=tdcss_home&v=59.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-16.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e62a00258a2118faad7754b5c5c19174124e4b2ec83a330bd5f9515c19529b94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
bSBAuFau9OErTrpqSFY0Szfra2arlyds
date
Thu, 23 Nov 2023 02:22:06 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 09:47:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
77438
etag
"389ffe9a68fc5640b5ec54ac4fc3f46c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5013
x-amz-cf-id
Vizff4dTEf8Ru-wDJgfZc3USltkMOm0ZHKsENuG3qkvVF0dl-kVFMg==
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/turtlediary-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:40:40 GMT
content-encoding
gzip
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
72724
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
19QRQub_4jyIKkZ9X3r7tK_LbmQ9kHWSnVibYD_HPvM2k9hgiZONHg==
pubfig.engine.js
a.pub.network/core/pubfig/5.19.15/ 		548 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/turtlediary-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebadfb0328064c5cee4e463f60f6b67ad4111578429bb00206d358826752596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:43 GMT
content-encoding
gzip
cf-cache-status
HIT
age
21632
x-guploader-uploadid
ABPtcPqZ6U9RKn2Dp7ZaSCfata3HEkm_sXcZT_1Ka1zEgu1__1XYbpQiRNJZ8WE-kqymyIePjvgnIzYiag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 15 Nov 2023 20:20:05 GMT
server
cloudflare
etag
W/"c83575c9bb19202c6fd0b61ba45c60a3"
vary
Accept-Encoding
x-goog-hash
crc32c=J8SUlA==, md5=yDV1ybsZICxv0LYbpFxgow==
x-goog-generation
1700079605019407
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
560817
cf-ray
82ad53da59b0a959-SYD
expires
Fri, 24 Nov 2023 00:52:43 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700783563930&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Edu...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700783563930&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Ed...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700783563930&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&c9=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:44 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P1
x-amz-cf-id
ytMBxe_n4fbOkuWdwmiW759d5sR6Pl7S9poYgy34kZuN5MXzLd0uPA==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 23 Nov 2023 23:52:44 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700783563930&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.turtlediary.com%2F&c8=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&c9=
content-length
0
x-amz-cf-id
nJ-pqqIqJoKEURrHqCykZJLjL7yxnT-VMtwf7Fi0D1L96qFRil0HdQ==
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=www.turtlediary.com&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.turtlediary.com
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 23 Nov 2023 23:52:44 GMT
expires
0
fs-client-rtt
2
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/ 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=www.turtlediary.com&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3029adbcd8e7d319000b2558e106ee866e7120f4f21f232ad52c1963725f6097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Thu, 23 Nov 2023 23:43:29 GMT
fs-client-rtt
1
age
555
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3523
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
9753bf5dc6e8bfc154553bc01aa09680ef407fc1dfc112892e745a9d2fc4a4f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30582
x-xss-protection
0
server
cafe
etag
123 / 19684 / 31079694 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 23:52:44 GMT
prebid-analytics-7.48.4.js
a.pub.network/core/ 		596 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.48.4.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
29585
x-guploader-uploadid
ABPtcPpyOtnhawW2oAUv2cGjZ4VqY0RG_s5Kb42hRdA2hv1ZzEIBkBpIyFuf3fmkZ_a6o5GFgT8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 18 Jul 2023 18:59:55 GMT
server
cloudflare
etag
W/"5243e8ea27fda1bab8578db0b34dba61"
vary
Accept-Encoding
x-goog-generation
1689706795179212
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=hSRCNw==, md5=UkPo6if9obq4V42ws026YQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31420012
x-goog-stored-content-length
610321
cf-ray
82ad53dafa5fa959-SYD
expires
Thu, 21 Nov 2024 15:39:36 GMT
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1170208718&t=pageview&_s=1&dl=https%3A%2F%2Fwww.turtlediary.com%2F&ul=en-us&de=UTF-8&dt=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=476380451&gjid=64955060&cid=1678017089.1700783564&tid=UA-31320576-1&_gid=1184689771.1700783564&_r=1&_slc=1&z=1996899799
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
nodejs.turtlediary.com/socket.io/ 		97 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/?EIO=4&transport=polling&t=Ol-cQKB
Requested by
Host: nodejs.turtlediary.com
URL: https://nodejs.turtlediary.com/socket.io/socket.io.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.198.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-198-148.compute-1.amazonaws.com
Software
/
Resource Hash
233e15521ef6656de413653baff7f21f8820228263a990affd3b95b9be193a00

Request headers

Accept
*/*
Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:44 GMT
access-control-allow-credentials
true
content-length
97
vary
Origin
content-type
text/plain; charset=UTF-8
html2canvas.js
www.turtlediary.com/js/new/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/js/new/html2canvas.js?v=1.1
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=footertdjs1&v=59.43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
eca003642178c47d53f4b1c5ae15b453eb75bf875f40d4505f790760345dc3d0
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 08:08:29 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
661455
x-cache
Hit from cloudfront
content-length
15368
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
OzUHM2IIUUVPyTmvJG7XbzJHW0LytLmHsh_k1hn1kYRVd5U0EHwUpg==
expires
Thu, 23 Nov 2023 08:08:29 GMT
jquery.simplePopup.js
www.turtlediary.com/js/new/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turtlediary.com/js/new/jquery.simplePopup.js?v=1
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/?g=footertdjs1&v=59.43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-62.syd62.r.cloudfront.net
Software
Apache/2.4.54 (Unix) OpenSSL/1.1.1n /
Resource Hash
42c1f6a66ff3442adb9b6d0a97b9e66bec0c8c7fc5f1c95345c73430dbc35d7c
Security Headers
Name Value
X-Frame-Options allow-from SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 08:05:10 GMT
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
661654
x-cache
Hit from cloudfront
content-length
740
server
Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options
allow-from SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Origin, Content-Type
x-amz-cf-id
t7gdafW-gaup11_Xj3fEky14wNXP8LxQE9RLBcrGo747oI1Hhts7Tw==
expires
Thu, 23 Nov 2023 08:05:10 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
412 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7419b74ad71f441448e81efb781c3449155cc9238ce996ade4663abefec695

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:44 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 23:07:09 GMT
server
cloudflare
age
2546
etag
"f721e9da135e7c3033bcfb3b17152b10"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
82ad53e00be45bf4-SYD
content-length
97351

Redirect headers

date
Thu, 23 Nov 2023 23:52:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PnGIdkuLvDv1T%2Fot6nDaeb%2BQoaIdWBybp2wm3Q9oeBAyKD%2FeF1qH6q8UhiVwv9ChcuxsdempalFUiyB5VWedSSQ7GIm18CS3urwED8n7dgqb57VC93Z4nTHsrjgJHE9kyLb%2FpwVZ%2BI26bqirWUuIg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
82ad53ddd8db6a54-SYD
expires
Fri, 24 Nov 2023 00:52:44 GMT
collect
www.google-analytics.com/g/ 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W1C8HMBE0D&gtm=45je3b81v9101581670&_p=1700783563619&gcd=11l1l1l1l1&dma=0&cid=1678017089.1700783564&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700783564&sct=1&seg=0&dl=https%3A%2F%2Fwww.turtlediary.com%2F&dt=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2529
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W1C8HMBE0D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=frwjhs&adnum=4425014
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.203.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-203-31.lax3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 18:06:55 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 a881cb8cde2d5f28c5d1e3662b510ada.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C3
age
10647951
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
nQWcjOicPfCCWvcsYhCGGJLo2v3jjCli0qsGv97RfiPOI2wq_0XauA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:16:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
2148
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:16:56 GMT
/
nodejs.turtlediary.com/socket.io/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/?EIO=4&transport=polling&t=Ol-cQTf&sid=3oyDQ_paa_CD1et0Im8m
Requested by
Host: nodejs.turtlediary.com
URL: https://nodejs.turtlediary.com/socket.io/socket.io.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.198.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-198-148.compute-1.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:44 GMT
access-control-allow-credentials
true
content-length
2
vary
Origin
content-type
text/html
/
nodejs.turtlediary.com/socket.io/ 		32 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/?EIO=4&transport=polling&t=Ol-cQTh&sid=3oyDQ_paa_CD1et0Im8m
Requested by
Host: nodejs.turtlediary.com
URL: https://nodejs.turtlediary.com/socket.io/socket.io.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.198.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-198-148.compute-1.amazonaws.com
Software
/
Resource Hash
ea6da3fd9b357ff8c3d3c12a21aaf4be7d7139b7addc52bcb22dae3f50f3ecad

Request headers

Accept
*/*
Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:44 GMT
access-control-allow-credentials
true
content-length
32
vary
Origin
content-type
text/plain; charset=UTF-8
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.turtlediary.com%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
3176
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82ad53e14bfcaaf3-SYD
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
IIQUniversalID.js
a.pub.network/core/intentIQ/20230622/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
32560
x-guploader-uploadid
ABPtcPog4tSuwgmcgeerjGkGqnQJp60fk9sxzOKcAFEGPTUsvo2cGpfPMtDCXrrL7iYjJF_ml8Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 22 Jun 2023 23:15:14 GMT
server
cloudflare
etag
W/"c45a15a8a50c2a275e14695cf631d08d"
vary
Accept-Encoding
x-goog-hash
crc32c=6m2COg==, md5=xFoVqKUMKideFGlc9jHQjQ==
x-goog-generation
1687475714790007
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
56442
cf-ray
82ad53df4f1ea959-SYD
expires
Fri, 24 Nov 2023 00:52:44 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		92 B
930 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=a3925b35-2c07-4c41-8b27-2674e680b371&iiqpciddate=1700783564739&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=13_1700783564739&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=www.turtlediary.com&japbjs=true&japs=false
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-84.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
0c0d9eaa19e916706042c05e57dd0a59b959a94e2ea59705d30c63ed292adbb6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:44 GMT
via
1.1 f5d6d53193540aa659ec28d5052668d0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
90ThCu7N_Gxt7bW-W35xXhFt_9_DkH18QY7CMw-nOfHo77yDnosw-A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=758179&iiqidtype=2&iiqpcid=a3925b35-2c07-4c41-8b27-2674e680b371&iiqpciddate=1700783564739&tsr...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=758179&iiqidtype=2&iiqpcid=a3925b35-2c07-4c41-8b27-2674e680b371&iiqpciddate=1700783564739&ts...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=758179&iiqidtype=2&iiqpcid=a3925b35-2c07-4c41-8b27-2674e680b371&iiqpciddate=1700783564739&tsrnd=851_1700783564739&vrref=www.turtlediary.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=BtXZLGESFI&nc=false&trid=347425782
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
YtTOnOj7dvdWIhv7_IW8UigB7lsGVChLbD3f4b_6XOFjzZePGF2d9Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:44 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=758179&iiqidtype=2&iiqpcid=a3925b35-2c07-4c41-8b27-2674e680b371&iiqpciddate=1700783564739&tsrnd=851_1700783564739&vrref=www.turtlediary.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=BtXZLGESFI&nc=false&trid=347425782
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
rydHvpxXk4YtLDNij9wp0zn4_MIcZp7PvoYHQZ8UgNFe8680KsdNbQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
nodejs.turtlediary.com/socket.io/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/?EIO=4&transport=polling&t=Ol-cQWm&sid=3oyDQ_paa_CD1et0Im8m
Requested by
Host: nodejs.turtlediary.com
URL: https://nodejs.turtlediary.com/socket.io/socket.io.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.198.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-198-148.compute-1.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:44 GMT
access-control-allow-credentials
true
content-length
2
vary
Origin
content-type
text/html
/
nodejs.turtlediary.com/socket.io/ 		1 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodejs.turtlediary.com/socket.io/?EIO=4&transport=polling&t=Ol-cQWn&sid=3oyDQ_paa_CD1et0Im8m
Requested by
Host: nodejs.turtlediary.com
URL: https://nodejs.turtlediary.com/socket.io/socket.io.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.198.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-198-148.compute-1.amazonaws.com
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept
*/*
Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:45 GMT
access-control-allow-credentials
true
content-length
1
vary
Origin
content-type
text/plain; charset=UTF-8
state
api.btloader.com/mw/ 		0
102 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 23:52:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1723304
x-guploader-uploadid
ABPtcPp_OFZlMHB4UquwVAukM0D-WH7x5C9E3Q7ACTOyOgs380VpCYO9HJnQGVAVOvCDOSDsQW3_pJTMNA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGyXECnHnVdYtLqWlnAwFKbLtRPpUT3NIMVSGgTEO6YQ7Lf%2BYMrQ8R8%2FE%2BN6CZlXjN4orVySl9A6T%2Fq3l2eqk7w8U%2FcRSekgMM%2BmmwuSarxw5oXoynyA12G9twHuoqvHsg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82ad53e26887a876-SYD
expires
Sat, 04 Nov 2023 01:45:05 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 09:15:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Nov 2023 09:15:23 GMT
px.gif
ad-delivery.net/ 		43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5383389676492487
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1723304
x-guploader-uploadid
ABPtcPp_OFZlMHB4UquwVAukM0D-WH7x5C9E3Q7ACTOyOgs380VpCYO9HJnQGVAVOvCDOSDsQW3_pJTMNA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM4ZYNcwSiCyMxaa7qXom3%2Bfiu%2FrIBop5%2FuU1Tc0%2F2NV87X9EqBKD0FyNxZV8uqq%2Fc%2BviOUS1VvPlpikJMiOLSzArjas7PblIkzPHlrcVyE4ua3eJDarZfPsstrjJwuLBA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
82ad53e26886a876-SYD
expires
Sat, 04 Nov 2023 01:45:05 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.turtlediary.com%2F&domain=www.turtlediary.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 23 Nov 2023 23:52:45 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
281679
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
liveView.php
live.primis.tech/live/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=114564&cbuster=1700783565&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
ece307e0b49c55605f17563e2376dd43d013b02632b9dfc3cc71194854d751bb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
SCGR10Rz5ud1u7PjMRlPq-JRiNRS94B5eMqvwg7ex12ExMEBy636QQ==
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 30 Nov 2023 23:52:45 GMT
iiqFreestar.js
a.pub.network/turtlediary-com/ 		158 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/turtlediary-com/iiqFreestar.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54380fe85dacc6105a5f55caa3c04d80229700c906dc120f68a54dde9bfe1fa8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15193
x-guploader-uploadid
ABPtcPotukdd9aNa_2LeNo5pv5ATP5irT690kl92UfbycEJsNNUfSA9AxRjaoc1vcsZrdAsgkFM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 09 Oct 2023 15:40:48 GMT
server
cloudflare
etag
W/"8d110f894879ea12dacc1ba4b86d61ef"
vary
Accept-Encoding
x-goog-generation
1696866048033990
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=p/cqQg==, md5=jREPiUh56hLazBukuG1h7w==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
158
cf-ray
82ad53e10935a959-SYD
expires
Fri, 24 Nov 2023 00:52:44 GMT
hadronid
id.hadron.ad.gt/api/v1/ 		54 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
Content-Type; text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
content-length
55794
cf-ray
82ad53e338475741-SYD
json
gum.criteo.com/sid/ 		367 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.turtlediary.com%2F&domain=www.turtlediary.com&cw=1&lsw=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
9caa50bd166770d892272d538231e7f08c8c56da618388852e4570eee524a127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
931574
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c6a7df01af9bcc78211a661e3a4b0d3cc83bb2e97ffa27f44b0098e414c06db

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
82ad53e33e11558d-SYD
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
rid
match.adsrvr.org/track/ 		109 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
0d616f2f5275b6161bd73ff81b74ef302b814c65532e28aa5640038323fabcfd

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:44 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 23 Dec 2023 23:52:44 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:09:43 GMT
content-encoding
gzip
age
531781
x-guploader-uploadid
ABPtcPrGE26--ufa6gq8E9gNfsX3K0Hs07n7McA4-cBU6gmH_C_vaa2Q9M2FaRi2xuEsl8G2Dk6xhl2TMtOKMdC3pFCw5dESG7si
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 16 Nov 2024 20:09:43 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-37.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 23:57:36 GMT
content-encoding
gzip
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
86110
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
wn_LFyf689ASz3qkZrT0tg-OQ4c-iSMNu1aiYnjFFDX_JY7e6DtSVg==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
ea13ac202a91cc9820b18e92ff0b2a5d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 23 Nov 2023 23:52:45 GMT
x-content-type-options
nosniff
content-encoding
br
age
12356
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-bne12520-BNE
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		156 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 08:19:05 GMT
server
cloudflare
x-amz-request-id
6X21JJJARJPSN8YV
age
610
etag
W/"6d1031a5affe091aafc4dbcf111418ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82ad53e36aa9a838-SYD
x-amz-id-2
ecRVF0Dq4FNO4pIvKm6jVrvNTk51iFUpuk3pIwiUkAgohBsMltJB6l6I4r0tGTWl6qBIQYDCGLk=
analytics.min.js
a.pub.network/core/analytics/1.2.5/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150abf5d65851c215b785dc90f363002897279f75a0f466caa6c92534a20a2d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
30042
x-guploader-uploadid
ABPtcPoMFMmxgdWsdv3Ct41mWR4VALWcQNgrIHbkh9e8_htOrkxBqOM3cBo9zYUfx0gh7ROtCyk0fN2BbQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 04 Oct 2023 16:03:51 GMT
server
cloudflare
etag
W/"defe674f4bb712938099078798b0a1bc"
vary
Accept-Encoding
x-goog-hash
crc32c=JGNbPw==, md5=3v5nT0u3EpOAmQeHmLChvA==
x-goog-generation
1696435431727744
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
13192
cf-ray
82ad53e13979a959-SYD
expires
Fri, 24 Nov 2023 00:52:45 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp&cc=1
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
534fe3532c0c71b2ea6696ec27c4e4ca36d16c1a83cd2869c2ad1a05b195557f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-01/gMYBiNsDa2hp/O33XeI+LO4c"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.turtlediary.com
location
/esp?url=https%3A%2F%2Fwww.turtlediary.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		235 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
76c5530c20a5deb829a5223cce07c6f05df9ccd3aef9b53ae7310e7bbef76cfe

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache
x-server
10.42.28.16
access-control-allow-credentials
true
content-length
235
expires
0
hadron.json
id.hadron.ad.gt/v1/ 		110 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.turtlediary.com&url=https://www.turtlediary.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.turtlediary.com%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4022cb9ff13180686b7258efb389a65689f6a8b566f5705b3631db660a4e5d49

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
82ad53e44f88558d-SYD
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.turtlediary.com&url=https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
82ad53e33e14558d-SYD
content-length
0
content-type
application/json
date
Thu, 23 Nov 2023 23:52:45 GMT
debug
OPTIONS block
server
cloudflare
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 23 Nov 2023 23:52:45 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 23 Nov 2023 23:52:45 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 23 Nov 2023 23:52:45 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 23 Nov 2023 23:52:45 GMT
server
ATS/9.1.10.90
cookie_sync
s2s.t13.io/ 		2 KB
802 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
3153b9a9e9fc6e6d187194096a6494ebd7fac22938e59daf14b6dd3f5786148c

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
575
expires
0
auction
s2s.t13.io/openrtb2/ 		0
0
prebid
prebid.media.net/rtb/ 		32 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:44 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 23:52:45 GMT
hbjson
grid.bidswitch.net/ 		24 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.7.59 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
59.7.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8b20f11d9b2716dc1026da78aea85f5918477486b82055a103ec063ee7d7a2bb

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 23:52:45 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
ads.yieldmo.com/exchange/ 		0
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.48.0&p=%5B%7B%22placement_id%22%3A%22turtlediary_rightrail_1%22%2C%22callback_id%22%3A%223217faaa4704593%22%2C%22sizes%22%3A%5B%5B336%2C280%5D%2C%5B300%2C250%5D%2C%5B250%2C250%5D%2C%5B300%2C100%5D%2C%5B300%2C50%5D%5D%2C%22ym_placement_id%22%3A%223229990568557748911%22%2C%22gpid%22%3A%22%2F15184186%2Fturtlediary_rightrail_1%2Fturtlediary_rightrail_1%22%2C%22tid%22%3A%22e9d2d42e-c5f8-455d-82eb-f610f09ae476%22%2C%22auctionId%22%3A%2293baacb3-af72-4310-877a-7302577bb152%22%7D%2C%7B%22placement_id%22%3A%22turtlediary_rightrail_2%22%2C%22callback_id%22%3A%2233503a11597483c%22%2C%22sizes%22%3A%5B%5B336%2C280%5D%2C%5B300%2C250%5D%2C%5B250%2C250%5D%2C%5B300%2C100%5D%2C%5B300%2C50%5D%5D%2C%22ym_placement_id%22%3A%223229990568557748911%22%2C%22gpid%22%3A%22%2F15184186%2Fturtlediary_rightrail_2%2Fturtlediary_rightrail_2%22%2C%22tid%22%3A%22798e9798-b7bd-4cef-808c-763c27d6a65a%22%2C%22auctionId%22%3A%2293baacb3-af72-4310-877a-7302577bb152%22%7D%5D&page_url=https%3A%2F%2Fwww.turtlediary.com%2F&bust=1700783565040&dnt=false&description=1000%2B%20Free%20Educational%20Games%20for%20kids%20in%20Grade%20K%20to%205.%20Play%20Online%20and%20learn%20math%2C%20science%2C%20language%20arts%2C%20geography%20%26%20much%20more%20only%20with%20our%20award%20winning%20educational%20website.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&w=1600&h=1200&pubcid=ce45ec5d-c3ea-4794-b32a-eadddffa2a8e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221564%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.0.243.35 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-243-35.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7bff505e90701ae8b85f4d38433170cb16bc5156e045b9b10ad96f4c9e9ee96a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
an-x-request-uuid
29e932a7-6eb5-4a8a-a8ef-e20360889533
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
261
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
06802a62d7b8ad9d0191dd9d2cab7e6ad5027c2b4f0bd112145674bfac534254

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
64cf3f445f28fd01c8231d61df095e936df8dbe625e88c461a3989ec52009027

Request headers

Referer
https://www.turtlediary.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
a5151c85cac25834a3fb848f6bde2d3a8638dde14b3c4a0bcce09badf90c75f5

Request headers

Referer
https://www.turtlediary.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
auction
tlx.3lift.com/header/ 		19 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.turtlediary.com%2F&tmax=740
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.76.40.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-40-2.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
imp
g2.gumgum.com/hbid/ 		2 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1700783565050&to=-480&aun=turtlediary_rightrail_1&gpid=%2F15184186%2Fturtlediary_rightrail_1%2Fturtlediary_rightrail_1&maxw=336&maxh=280&si=956834&pi=3&bf=336x280%2C300x250%2C250x250%2C300x100%2C300x50&schain=1.0%2C1!freestar.com%2C1564%2C1%2Cc01de26d-41c3-4819-9e34-ac312eddd222%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.turtlediary.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.11.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-11-1.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1700783565050&to=-480&aun=turtlediary_rightrail_1&gpid=%2F15184186%2Fturtlediary_rightrail_1%2Fturtlediary_rightrail_1&maxw=336&maxh=280&si=956833&pi=3&bf=336x280%2C300x250%2C250x250%2C300x100%2C300x50&schain=1.0%2C1!freestar.com%2C1564%2C1%2Cc01de26d-41c3-4819-9e34-ac312eddd222%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.turtlediary.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.11.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-11-1.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1700783565050&to=-480&aun=turtlediary_rightrail_2&gpid=%2F15184186%2Fturtlediary_rightrail_2%2Fturtlediary_rightrail_2&maxw=336&maxh=280&si=956834&pi=3&bf=336x280%2C300x250%2C250x250%2C300x100%2C300x50&schain=1.0%2C1!freestar.com%2C1564%2C1%2Cc01de26d-41c3-4819-9e34-ac312eddd222%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.turtlediary.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.11.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-11-1.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1700783565051&to=-480&aun=turtlediary_rightrail_2&gpid=%2F15184186%2Fturtlediary_rightrail_2%2Fturtlediary_rightrail_2&maxw=336&maxh=280&si=956833&pi=3&bf=336x280%2C300x250%2C250x250%2C300x100%2C300x50&schain=1.0%2C1!freestar.com%2C1564%2C1%2Cc01de26d-41c3-4819-9e34-ac312eddd222%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.turtlediary.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.11.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-11-1.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
bid
ap.lijit.com/rtb/ 		94 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.48.0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e0e0b845af590c1ff82adf4b689da8fc18281e5b27c59979b4e9168733bdb4bb

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 23:52:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turtlediary.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
btlr.sharethrough.com/universal/ 		700 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
47712824c48b5c8149ee07b4e04c0cd35ec75dcc98c5e6f0fc75f1854f69e35f

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
409
v1
btlr.sharethrough.com/universal/ 		441 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e77b0425c3e856209c5aa03aa406be4fae9fe9b0623429bf8a862c473f68abd3

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
269
v1
btlr.sharethrough.com/universal/ 		688 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
865b9a963a93f64ec8206011abd5887fa8b2555e840990064c12ff469ebf74e4

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
387
v1
btlr.sharethrough.com/universal/ 		664 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
18c9f28396a1900f21ec53fb6edc249d8c16e2d7523704e5b7061367b18a7c1c

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
417
v1
btlr.sharethrough.com/universal/ 		859 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
9278d9ec4107061297756436259a4ed28ebb0c6bee94fbca0c06475de0896496

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
476
v1
btlr.sharethrough.com/universal/ 		600 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
67e9ef2dad9b6e57008ef45c10c87262d4bc5008e66224827c2c4ccc871de835

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
374
3879e30ec529461c54c5f461a411be58eabc3fbaed
fronttoad.com/create/2a6ee3a48f0c/ 		299 B
818 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fronttoad.com/create/2a6ee3a48f0c/3879e30ec529461c54c5f461a411be58eabc3fbaed
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/public/138ee6b51dd171d212710cf13483a286c139c2.index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.63.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
134.63.160.34.bc.googleusercontent.com
Software
/
Resource Hash
30daa447f4de7cc794ddff076fd1e834d59271f68d4937faeb75d4bdee465c77
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
x-hostname
fen-hoothoot-asia-east1-spot-5cvp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 23 Nov 2023 23:52:44 GMT
country
api.btloader.com/ 		16 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=ILAqxGxCWH&w=5171088952131584&o=5714937848528896&cv=2.1.24-1-g0c437e2&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.turtlediary.com%2F&sid=ZWURy0puC&pm=true&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 23:52:45 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
pd
google-bidout-d.openx.net/w/1.0/ Frame 1E03 		484 B
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f2af5eb48fa05a661a8ae11c8ef6872d268402d53ffc0351860504406c496783

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
308
content-type
text/html
date
Thu, 23 Nov 2023 23:52:45 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
increment
id5-sync.com/api/esp/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sd
us-u.openx.net/w/1.0/ Frame 1E03
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=ad4218e5-7acf-775c-ca21-d947595dd36d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=26f23103-179c-4aa3-bd2c-21572cdcc184&ttd_puid=ad4218e5-7acf-775c-ca21-d947595dd36d&gdpr=0&gdpr_consent=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=26f23103-179c-4aa3-bd2c-21572cdcc184&ttd_puid=ad4218e5-7acf-775c-ca21-d947595dd36d&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=26f23103-179c-4aa3-bd2c-21572cdcc184&ttd_puid=ad4218e5-7acf-775c-ca21-d947595dd36d&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 23:52:45 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 1E03
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZV-lzcCo8XgAALbROUgAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZV-lzcCo8XgAALbROUgAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 23 Nov 2023 23:52:46 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.163","key":"ZV-lzcCo8XgAALbROUgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40366"}
X-SO-Key
ZV-lzcCo8XgAALbROUgAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40366
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZV-lzcCo8XgAALbROUgAAAAA
Cache-Control
private
X-SO-HostName
a-ad40366.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng20.dc4p.scaleout.jp
X-SO-IP
66.203.112.163
sd
jp-u.openx.net/w/1.0/ Frame 1E03
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AcTLqXuvel_rks8AD7MPFmD6L88AAAGL_pmrVA
43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AcTLqXuvel_rks8AD7MPFmD6L88AAAGL_pmrVA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 59c28089b3545e4c431888bcebce405c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AcTLqXuvel_rks8AD7MPFmD6L88AAAGL_pmrVA
cache-control
no-cache
content-length
0
x-amz-cf-id
_qIcctcO5P1g7zOUxvTATF2hn2-q1ijMcf0lGzGPCjCvqPXt-JSSbA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1E03
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEyZGNiMmYtYjNiOC0yOWY4LWRmYzEtODNmZTkzYmYxZDBk
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEyZGNiMmYtYjNiOC0yOWY4LWRmYzEtODNmZTkzYmYxZDBk&google_tc=
170 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEyZGNiMmYtYjNiOC0yOWY4LWRmYzEtODNmZTkzYmYxZDBk&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEyZGNiMmYtYjNiOC0yOWY4LWRmYzEtODNmZTkzYmYxZDBk&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1E03
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQCWrk5cZV42cMZs7d8FdQ&google_cver=1
43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQCWrk5cZV42cMZs7d8FdQ&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQCWrk5cZV42cMZs7d8FdQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 23 Nov 2023 23:52:45 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
270fd5ef990d8cdcc91e68e2ddb14b00d9403ea70a146d60622c246161374c0b

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-49.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:10:13 GMT
content-encoding
gzip
via
1.1 483c7c88d4db2ecfd894042db6a4e9c8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
2553
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
6r4AD-rCrZXgG1oAKeqDVm3GblVAi2TSxRc3bfEkQ_V87gZtn6BfyA==
474
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=prebid
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.turtlediary.com%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c054d631a869a67d8e42c49e3f48283f5d66b9c444b889a8efae0d936eb0188d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 23:49:29 GMT
server
cloudflare
age
197
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
82ad53e77a885581-SYD
liveView.php
live.primis.tech/live/ Frame 563F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=114564&cbuster=1700783565&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1700783565&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1700783565&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
3d1d5ea5e3e39a432b9619f393b448b15aa4af365a22b30ac2cce130463c6525

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jMSItTfipnOtXV6TbCiieyXzg525IMdhFCzrz988qz7Zo3JkBDo04A==
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
872 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4037120793813158&correlator=3834674502831778&eid=31079673%2C31079694%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=15184186%3A5358318%2Cturtlediary_rightrail_1%2Cturtlediary_rightrail_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x50%7C300x100%7C250x250%7C300x250%7C336x280%2C300x50%7C300x100%7C250x250%7C300x250%7C336x280&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700783565756&lmt=1700783565&adxs=1240%2C1240&adys=183%2C515&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.turtlediary.com%2F&vis=1&psz=400x-1%7C400x-1&msz=400x-1%7C400x-1&fws=516%2C516&ohw=1600%2C1600&ga_vid=1678017089.1700783564&ga_sid=1700783566&ga_hid=1170208718&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDU3M2M1ZDg4MWNkYWIzZDNiYzAwNDAyMjE3YzQxNmQ1MzkzODY1NWI5YmZiNGI4ZGE2ZjVkMDM0NTYyOGVlZGMYntTm9L8xSAASGQoKcHViY2lkLm9yZxix1Ob0vzFIAFICCGoSFwoIcnRiaG91c2UY69Pm9L8xSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpuVTBiblpPVGtsVFMzVlJPWGhIZGxCWWNtZHJRVDA5SW4wPRi11Ob0vzFIABIbCgxpZDUtc3luYy5jb20YuNHm9L8xSABSAghk&dlt=1700783562511&idt=2166&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dbe4040b3-1215-407b-a036-6b97ebb92186%26fs_placementName%3Dturtlediary_rightrail_1%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D29193551-28ba-40f3-922a-d13563846d63%26fs_placementName%3Dturtlediary_rightrail_2%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout&cust_params=user-agent%3DChrome%26fs_session_id%3D8c363077-3a1e-458f-82b0-67ed9265b43d%26fs_pageview_id%3D41dd9f03604084fd52d200f3ad1731c1%26fs_iiq_enabled%3Dtrue%26floors_user%3D0%26floors_rtt%3D1%26fs_clientservermask%3D220232331212212102112%26fs_testgroup%3Doptimised&adks=469835515%2C1327134113&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
f8ef0b666f8dea62b61e1e25734e1823e810b661651d639ed5663cef4f15c9bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
362
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1652a92e08b530b0cf1938630f75d069.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 847A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1652a92e08b530b0cf1938630f75d069.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 23:52:46 GMT
expires
Fri, 22 Nov 2024 23:52:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=1&d=www.turtlediary.com&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.turtlediary.com
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 23 Nov 2023 23:52:45 GMT
expires
0
fs-client-rtt
2
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=1&d=www.turtlediary.com&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.15/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
d672b8fc4ad807877b8b70812b79b9464af39f3bf4a6c05ab5015d3eb227e864
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Thu, 23 Nov 2023 23:41:48 GMT
fs-client-rtt
2
age
657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1481
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
deflate.min.js
live.primis.tech/main/js/ Frame 563F 		13 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1700783565&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1700783565&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 09:50:11 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"64db4a53-3217"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
YabQ0ScoogNspvaz3B5lD3CZHhHfE6ytV5s8-jwGp3K7tZRM9OtuBA==
omweb-v1.min.js
live.primis.tech/content/omid/static/ Frame 563F 		39 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1700783565&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1700783565&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:09 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"64d0ac45-9c3c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
W8UJdOplCVdpx5nOzSJzC7Jd7RP2Js4ldAz_qtp5O2tP_4MJ_NJGBQ==
omid-session-client-v1.js
live.primis.tech/content/omid/static/ Frame 563F 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1700783565&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1700783565&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:09 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"64d0ac45-1013e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
I3Dxjy2aOaBtwV19HsqlgrolFlkAfCcbCbgiNtk17l6zUCf_8dpeGw==
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 563F 		258 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1700783565&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1700783565&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:40 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"623b1728-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
oTEFjCAJtmBBL8ZcAJiW1CSRGtCVP1eFAeC3QVV7HC4DBqSoXu1qSQ==
expires
Fri, 22 Nov 2024 23:52:45 GMT
prebidVid.7.16.0_18.min.js
live.primis.tech/content/prebid/ Frame 563F 		527 KB
265 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1700783565&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1700783565&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
de495615086d5c815a2b07dddb246c9ad6ca96f6f44de4975424586b5b91fbe3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 09:16:13 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"65548c5d-83ac7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
yuP978B7gxxQzPjDcQgdBPuoOCRoErH9RjZUlRFDiWqtfDhvs1dJQg==
expires
Fri, 22 Nov 2024 23:52:45 GMT
liveVideo.php
live.primis.tech/live/ Frame 563F 		622 KB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D32345F30317D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700783565&csuuid=655fe5cd86b79&debugInfo=17256970_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=114564&cbuster=1700783565&pubUrl=https://www.turtlediary.com/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1564,1&cbuster=1700783565&pubUrlAuto=https%3A%2F%2Fwww.turtlediary.com%2F&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
fd6dfd3500d3e4291cbc3e2c675fb950d1ec7f7b7eaae2c16c7b739bdc4bf717

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:45 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
fMkLoAUdFx-Myjco-Nivu_LREKYV4KaH4EQhXvMW7Q_I0LRkUeVO6g==
pixel;r=927397705;labels=keywords.free%20educational%20games%2Ckeywords.kids%20educational%20games%2Ckeywords.online%20educational%20games%20for%20kids%2Ckeywords.education%20games%20online%2Ckeywo...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=927397705;labels=keywords.free%20educational%20games%2Ckeywords.kids%20educational%20games%2Ckeywords.online%20educational%20games%20for%20kids%2Ckeywords.education%20games%20online%2Ckeywords.educational%20computer%20games%20for%20kids%2Ckeywords.educational%20games%20for%20kids%20online%2Ckeywords.kids%20educational%20videos%2Ckeywords.interactive%20educational%20games%2Ckeywords.kids%20learning%20games%2Ckeywords.free%20online%20learning%20games%2Ckeywords.free%20kids%20learning%20games%2Ckeywords.gudli%2Ckeywords.cookie%20games%2Ckeywords.cookies%20games;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.turtlediary.com%2F;uht=2;fpan=1;fpa=P0-773952562-1700783565642;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=turtlediary.com;dst=0;et=1700783565985;tzo=-480;ogl=;ses=dd55a960-64ad-48cb-8baa-dbb060fc6324;mdl=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
474
p.ad.gt/api/v1/p/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/474
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/474?_it=prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b37d9f1009dc8fec3476dbafc42de9ea497971896cfb3487ddf4adaec2ee970

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 23:52:40 GMT
server
cloudflare
age
6
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82ad53e9cf5e6a5a-SYD
halo_match
ids.ad.gt/api/v1/ 		43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&halo_id=060968ie9966h9h7aj8chfld7high6ec6k9604um6600s6s2ew4iso0k2suqs0mi0
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ad53e9cc15a96e-SYD
content-length
43
content-type
image/gif
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&adnxs_id=$UID&gdpr=0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&adnxs_id=4572801297682017392&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&adnxs_id=4572801297682017392&gdpr=0
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ad53e9cc17a96e-SYD
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
an-x-request-uuid
a1bfb279-ebd1-4d5a-9897-0fdf2dcf1609
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&adnxs_id=4572801297682017392&gdpr=0
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001700783566-T2QATTFP-8DA1&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=26f23103-179c-4aa3-bd2c-21572cdcc184&id=AU1D-0100-001700783566-T2QATTFP-8DA1
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=26f23103-179c-4aa3-bd2c-21572cdcc184&id=AU1D-0100-001700783566-T2QATTFP-8DA1
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ad53e9cc16a96e-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=26f23103-179c-4aa3-bd2c-21572cdcc184&id=AU1D-0100-001700783566-T2QATTFP-8DA1
date
Thu, 23 Nov 2023 23:52:46 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001700783566-T2QATTFP-8DA1
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001700783566-T2QATTFP-8DA1
  • https://ids.ad.gt/api/v1/pbm_match?pbm=0A657C5F-D245-45A8-9BC1-CB8389B02520&id=AU1D-0100-001700783566-T2QATTFP-8DA1
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=0A657C5F-D245-45A8-9BC1-CB8389B02520&id=AU1D-0100-001700783566-T2QATTFP-8DA1
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ad53ea3cc2a96e-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=0A657C5F-D245-45A8-9BC1-CB8389B02520&id=AU1D-0100-001700783566-T2QATTFP-8DA1
date
Thu, 23 Nov 2023 17:00:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/ 		0
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001700783566-T2QATTFP-8DA1&gdpr=0
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001700783566-T2QATTFP-8DA1&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001700783566...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001700783566-T2QATTFP-8DA1&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001700...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=26f23103-179c-4aa3-bd2c-21572cdcc184&ttd_puid=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&tapad_id=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&tapad_id=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ad53ea9d35a96e-SYD
content-length
43
content-type
image/gif

Redirect headers

date
Thu, 23 Nov 2023 23:52:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&tapad_id=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001700783566-T2QATTFP-8DA1
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&google_gid=CAESEG21Wrx2SiV7S46niEE27as&google_cver=1&google_ula=450542624,0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&google_gid=CAESEG21Wrx2SiV7S46niEE27as&google_cver=1&google_ula=450542624,0
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ad53e9cc19a96e-SYD
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&google_gid=CAESEG21Wrx2SiV7S46niEE27as&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001700783566-T2QATTFP-8DA1
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMDc4MzU2Ni1UMlFBVFRGUC04REEx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMDc4MzU2Ni1UMlFBVFRGUC04REEx
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMDc4MzU2Ni1UMlFBVFRGUC04REEx
date
Thu, 23 Nov 2023 23:52:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ad53e9cc14a96e-SYD
content-type
text/html; charset=utf-8
ium
ssum-sec.casalemedia.com/ 		0
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=060968ie9966h9h7aj8chfld7high6ec6k9604um6600s6s2ew4iso0k2suqs0mi0&gdpr=0
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aunt3mdDoS2%2Bk4SRpVWhEM7v72conHuPDDcJcW1PyaJmc7U%2FEilkvUoVx7qNV26wS0iogTL8CKq1385y2o3%2B5DhTlyQqWd%2FD0SQbv%2BLJLfJYMXBT076hP%2Bf8X7PuINbgtXFvpeYALX6kkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
cf-ray
82ad53e7dd8ea955-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Thu, 23 Nov 2023 23:52:46 GMT
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001700783566-T2QATTFP-8DA1%26sas_uid%3D%5bsas_uid%5d&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&sas_uid=[sas_uid]&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&sas_uid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Server
23.106.127.169 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&uid=3424a288-8de4-49d9-b442-47038e9ba8a0&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&uid=3424a288-8de4-49d9-b442-47038e9ba8a0&gdpr=0
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ad53eb8e3da96e-SYD
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:46 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-75
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001700783566-T2QATTFP-8DA1&uid=3424a288-8de4-49d9-b442-47038e9ba8a0&gdpr=0
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
2b1e91cf83e04ef163928945e655af3574b813747ef
fronttoad.com/4d0840710d7/ 		3 B
100 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fronttoad.com/4d0840710d7/2b1e91cf83e04ef163928945e655af3574b813747ef
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/public/138ee6b51dd171d212710cf13483a286c139c2.index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.63.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
134.63.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
x-hostname
fen-hoothoot-asia-east1-spot-5cvp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 23 Nov 2023 23:52:45 GMT
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
82ad53e9ecbb558d-SYD
content-length
0
content-type
application/json
date
Thu, 23 Nov 2023 23:52:46 GMT
debug
rtd-nx-sv
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ 		27 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
82ad53eaedc9558d-SYD
rtd
id.hadron.ad.gt/api/v1/ 		27 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
82ad53eafdd3558d-SYD
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
82ad53e9ecc2558d-SYD
content-length
0
content-type
application/json
date
Thu, 23 Nov 2023 23:52:46 GMT
debug
rtd-nx-sv
server
cloudflare
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:20:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 24 Nov 2023 00:20:24 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:20:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 24 Nov 2023 00:20:25 GMT
collect
a.ad.gt/api/v1/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
cf-ray
82ad53ebe8f76a6c-SYD
getpixels
pixels.ad.gt/api/v1/ 		0
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=b675edec88cbaf204be8e99a026de854&url=https%3A%2F%2Fwww.turtlediary.com%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ad53ec0d995587-SYD
content-type
text/html; charset=utf-8
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 23 Nov 2023 23:52:46 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 23 Nov 2023 23:52:46 GMT
server
ATS/9.1.10.90
auction
s2s.t13.io/openrtb2/ 		0
0
auction
tlx.3lift.com/header/ 		19 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.turtlediary.com%2F&tmax=740
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.76.40.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-40-2.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
accept-ch
sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		539 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1d615cce173cd5fc0a4bf61282c600b5bf90a45df308f8c3017274434b28a8c4

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
353
v1
btlr.sharethrough.com/universal/ 		697 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b4716830c4d28552ad0b3999b59d28187ec2ba819618bbfac3ca9a2f0ba1c3b7

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
422
v1
btlr.sharethrough.com/universal/ 		623 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
85953b4641cdc7eb32550f557d1f1e8cc617dc1ec47199a2d360feed4c13ba3c

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
384
prebid
ib.adnxs.com/ut/v3/ 		139 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f0b9f311ad90f73a67e8d16a392ba1e8950e4030828d44197803d831acfc8ffb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
an-x-request-uuid
e6304e01-a4fc-434b-96c6-0da2f5ab9199
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.48.0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
03bd3a5d2e936c7de83bc2059c35850d748e225a9d9366318717b10c875ec298

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 23:52:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turtlediary.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
hbjson
grid.bidswitch.net/ 		24 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.7.59 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
59.7.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
10ba8eb1e99bad838502157cbda8525b4783dce0ce219366ac6d01eade3e468d

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 23:52:46 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
imp
g2.gumgum.com/hbid/ 		2 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1700783566430&to=-480&aun=turtlediary_rightrail_1&criteoId=ewaYKl93dkU1MFhZbCUyQnZjcTV4TDlxV0psdHBwR2FYUXNSeCUyQmY5WXJ2VSUyRmlqM0I4ZW1TckFKUWpWUlFzRFdtQlJ1dU9vJTJCQU94VmEzR2J5djYwbEEwUTV0N0ZRJTNEJTNE&hadronId=060968ie9966h9h7aj8chfld7high6ec6k9604um6600s6s2ew4iso0k2suqs0mi0&pubcid=62d589a0-990d-45cb-9116-6badf0e9dc12&tdid=26f23103-179c-4aa3-bd2c-21572cdcc184&gpid=%2F15184186%2Fturtlediary_rightrail_1%2Fturtlediary_rightrail_1&maxw=336&maxh=280&si=956834&pi=3&bf=336x280%2C300x250%2C250x250%2C300x100%2C300x50&schain=1.0%2C1!freestar.com%2C1564%2C1%2Cc01de26d-41c3-4819-9e34-ac312eddd222%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.turtlediary.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.11.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-11-1.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1700783566430&to=-480&aun=turtlediary_rightrail_1&criteoId=ewaYKl93dkU1MFhZbCUyQnZjcTV4TDlxV0psdHBwR2FYUXNSeCUyQmY5WXJ2VSUyRmlqM0I4ZW1TckFKUWpWUlFzRFdtQlJ1dU9vJTJCQU94VmEzR2J5djYwbEEwUTV0N0ZRJTNEJTNE&hadronId=060968ie9966h9h7aj8chfld7high6ec6k9604um6600s6s2ew4iso0k2suqs0mi0&pubcid=62d589a0-990d-45cb-9116-6badf0e9dc12&tdid=26f23103-179c-4aa3-bd2c-21572cdcc184&gpid=%2F15184186%2Fturtlediary_rightrail_1%2Fturtlediary_rightrail_1&maxw=336&maxh=280&si=956833&pi=3&bf=336x280%2C300x250%2C250x250%2C300x100%2C300x50&schain=1.0%2C1!freestar.com%2C1564%2C1%2Cc01de26d-41c3-4819-9e34-ac312eddd222%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.turtlediary.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.11.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-11-1.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
2c5326f95c3af5c4574e31d614d17f43618da2d43464536f5029a677f6b1629d

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ads.yieldmo.com/exchange/ 		0
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.48.0&p=%5B%7B%22placement_id%22%3A%22turtlediary_rightrail_1%22%2C%22callback_id%22%3A%2210294888ae6d8371%22%2C%22sizes%22%3A%5B%5B336%2C280%5D%2C%5B300%2C250%5D%2C%5B250%2C250%5D%2C%5B300%2C100%5D%2C%5B300%2C50%5D%5D%2C%22ym_placement_id%22%3A%223229990568557748911%22%2C%22gpid%22%3A%22%2F15184186%2Fturtlediary_rightrail_1%2Fturtlediary_rightrail_1%22%2C%22tid%22%3A%2281cb17d0-dd83-4ab2-872d-fba2a0433c58%22%2C%22auctionId%22%3A%2231f67a14-2bba-48a8-a4b8-115d10d94fee%22%7D%5D&page_url=https%3A%2F%2Fwww.turtlediary.com%2F&bust=1700783566432&dnt=false&description=1000%2B%20Free%20Educational%20Games%20for%20kids%20in%20Grade%20K%20to%205.%20Play%20Online%20and%20learn%20math%2C%20science%2C%20language%20arts%2C%20geography%20%26%20much%20more%20only%20with%20our%20award%20winning%20educational%20website.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&w=1600&h=1200&pubcid=62d589a0-990d-45cb-9116-6badf0e9dc12&tdid=26f23103-179c-4aa3-bd2c-21572cdcc184&cri_prebid=ewaYKl93dkU1MFhZbCUyQnZjcTV4TDlxV0psdHBwR2FYUXNSeCUyQmY5WXJ2VSUyRmlqM0I4ZW1TckFKUWpWUlFzRFdtQlJ1dU9vJTJCQU94VmEzR2J5djYwbEEwUTV0N0ZRJTNEJTNE&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221564%22%2C%22hp%22%3A1%2C%22rid%22%3A%22c01de26d-41c3-4819-9e34-ac312eddd222%22%7D%5D%7D&eids=%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ewaYKl93dkU1MFhZbCUyQnZjcTV4TDlxV0psdHBwR2FYUXNSeCUyQmY5WXJ2VSUyRmlqM0I4ZW1TckFKUWpWUlFzRFdtQlJ1dU9vJTJCQU94VmEzR2J5djYwbEEwUTV0N0ZRJTNEJTNE%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060968ie9966h9h7aj8chfld7high6ec6k9604um6600s6s2ew4iso0k2suqs0mi0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2262d589a0-990d-45cb-9116-6badf0e9dc12%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2226f23103-179c-4aa3-bd2c-21572cdcc184%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.0.243.35 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-243-35.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
d534291efb7d78d1fcf5cb0e1b2273acb11d6c989fd5f110473d2f570134b43c

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 23:52:46 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
5cb7a35776d6b39fca1209001dff98b5c26fc81de178c4cad9f07e8f0fd18948

Request headers

Referer
https://www.turtlediary.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
561afc2bac4821081c6022d9e0b232653060a8bbb609d8f451fbb1c90ecce12a

Request headers

Referer
https://www.turtlediary.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
content-length
84
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
270fd5ef990d8cdcc91e68e2ddb14b00d9403ea70a146d60622c246161374c0b

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 23 Nov 2023 23:52:46 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D32345F30317D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700783565&csuuid=655fe5cd86b79&debugInfo=17256970_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 10:07:42 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"647db3ee-469b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
_SamFbSrzyVDqSEi2UHClVAg54r0ebb6NFJ7SylztjHftbD0MAcm1A==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 563F 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D32345F30317D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700783565&csuuid=655fe5cd86b79&debugInfo=17256970_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 22:59:23 GMT
content-encoding
gzip
via
1.1 0cd8fe15d9bdb168de9cd5f22954d220.cloudfront.net (CloudFront), 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:44 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2, SYD62-P1
age
3204
x-amz-server-side-encryption
AES256
etag
W/"08899ab5b5f986f64974630ad47b39a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
BtCb7AOR7PPUMeFIw1QIfBE9ce8hGU4N0a7x0mHhWeZayh1tODyOtg==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 563F 		80 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&dbsaved=false&iiqidtype=2&iiqpcid=a3925b35-2c07-4c41-8b27-2674e680b371&iiqpciddate=1700783564739&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=101_1700783566572&fbp=1120628899&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fwww.turtlediary.com%2F&ref=www.turtlediary.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D32345F30317D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700783565&csuuid=655fe5cd86b79&debugInfo=17256970_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-84.syd1.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
108e7c09a9d190083c217592e2059a6278e7f23d92f2190be2daa0b9c80440a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 f5d6d53193540aa659ec28d5052668d0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
KiPmIBt6of0IhnK5aWN8xmdfprfQajvMBMqgvv6ct2KPM-I3de_1fQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F 		43 B
978 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=606528&dbsaved=false&iiqidtype=2&iiqpcid=a3925b35-2c07-4c41-8b27-2674e680b371&iiqpciddate=1700783564739&tsrnd=764_1700783566572&fbp=1120628899&vrref=https%3A%2F%2Fwww.turtlediary.com%2F&jsver=5.09
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
rrItlyWoHchRRmSaiDuDqZCWuQSr-v9WLwDDipNCgtjdozrxbBBC7g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 23 Nov 2023 23:52:46 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 23 Nov 2023 23:52:46 GMT
server
ATS/9.1.10.90
auction
s2s.t13.io/openrtb2/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
2830a50f59578e40f2c23948be43205feb3f38f8599796cec040d31dc9812c48

Request headers

Referer
https://www.turtlediary.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
ada879ec79ddf4ac22b8d49b886d14f6c31c411888ff68e13c38fc826154a5df

Request headers

Referer
https://www.turtlediary.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
content-length
84
v1
btlr.sharethrough.com/universal/ 		589 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
66d162758b12fcef80d51555131f5371153da5a81bb89e93ef14d4ccbdccb328

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
345
v1
btlr.sharethrough.com/universal/ 		925 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e708928a99052b23253d34e2bbcef265f289eb36a373e23098db65ac88e148dd

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
503
v1
btlr.sharethrough.com/universal/ 		725 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6744628dc8d472eacdc35266ae7c9b4bb08a2e246d943fe0542cfba853a62fb7

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
410
prebid
ads.yieldmo.com/exchange/ 		0
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.48.0&p=%5B%7B%22placement_id%22%3A%22turtlediary_rightrail_2%22%2C%22callback_id%22%3A%221314883e03ae5a28%22%2C%22sizes%22%3A%5B%5B336%2C280%5D%2C%5B300%2C250%5D%2C%5B250%2C250%5D%2C%5B300%2C100%5D%2C%5B300%2C50%5D%5D%2C%22ym_placement_id%22%3A%223229990568557748911%22%2C%22gpid%22%3A%22%2F15184186%2Fturtlediary_rightrail_2%2Fturtlediary_rightrail_2%22%2C%22tid%22%3A%22589401c5-f752-47cb-bb6b-c411349898a9%22%2C%22auctionId%22%3A%22f0ecfdb6-aeb7-43e1-ae0c-7225e9a73358%22%7D%5D&page_url=https%3A%2F%2Fwww.turtlediary.com%2F&bust=1700783566620&dnt=false&description=1000%2B%20Free%20Educational%20Games%20for%20kids%20in%20Grade%20K%20to%205.%20Play%20Online%20and%20learn%20math%2C%20science%2C%20language%20arts%2C%20geography%20%26%20much%20more%20only%20with%20our%20award%20winning%20educational%20website.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&w=1600&h=1200&pubcid=62d589a0-990d-45cb-9116-6badf0e9dc12&tdid=26f23103-179c-4aa3-bd2c-21572cdcc184&cri_prebid=ewaYKl93dkU1MFhZbCUyQnZjcTV4TDlxV0psdHBwR2FYUXNSeCUyQmY5WXJ2VSUyRmlqM0I4ZW1TckFKUWpWUlFzRFdtQlJ1dU9vJTJCQU94VmEzR2J5djYwbEEwUTV0N0ZRJTNEJTNE&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221564%22%2C%22hp%22%3A1%2C%22rid%22%3A%22fe40b62f-0043-413d-af51-4264084eb444%22%7D%5D%7D&eids=%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ewaYKl93dkU1MFhZbCUyQnZjcTV4TDlxV0psdHBwR2FYUXNSeCUyQmY5WXJ2VSUyRmlqM0I4ZW1TckFKUWpWUlFzRFdtQlJ1dU9vJTJCQU94VmEzR2J5djYwbEEwUTV0N0ZRJTNEJTNE%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060968ie9966h9h7aj8chfld7high6ec6k9604um6600s6s2ew4iso0k2suqs0mi0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2262d589a0-990d-45cb-9116-6badf0e9dc12%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2226f23103-179c-4aa3-bd2c-21572cdcc184%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.0.243.35 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-243-35.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
imp
g2.gumgum.com/hbid/ 		2 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1700783566621&to=-480&aun=turtlediary_rightrail_2&criteoId=ewaYKl93dkU1MFhZbCUyQnZjcTV4TDlxV0psdHBwR2FYUXNSeCUyQmY5WXJ2VSUyRmlqM0I4ZW1TckFKUWpWUlFzRFdtQlJ1dU9vJTJCQU94VmEzR2J5djYwbEEwUTV0N0ZRJTNEJTNE&hadronId=060968ie9966h9h7aj8chfld7high6ec6k9604um6600s6s2ew4iso0k2suqs0mi0&pubcid=62d589a0-990d-45cb-9116-6badf0e9dc12&tdid=26f23103-179c-4aa3-bd2c-21572cdcc184&gpid=%2F15184186%2Fturtlediary_rightrail_2%2Fturtlediary_rightrail_2&maxw=336&maxh=280&si=956834&pi=3&bf=336x280%2C300x250%2C250x250%2C300x100%2C300x50&schain=1.0%2C1!freestar.com%2C1564%2C1%2Cfe40b62f-0043-413d-af51-4264084eb444%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.turtlediary.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.11.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-11-1.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1700783566621&to=-480&aun=turtlediary_rightrail_2&criteoId=ewaYKl93dkU1MFhZbCUyQnZjcTV4TDlxV0psdHBwR2FYUXNSeCUyQmY5WXJ2VSUyRmlqM0I4ZW1TckFKUWpWUlFzRFdtQlJ1dU9vJTJCQU94VmEzR2J5djYwbEEwUTV0N0ZRJTNEJTNE&hadronId=060968ie9966h9h7aj8chfld7high6ec6k9604um6600s6s2ew4iso0k2suqs0mi0&pubcid=62d589a0-990d-45cb-9116-6badf0e9dc12&tdid=26f23103-179c-4aa3-bd2c-21572cdcc184&gpid=%2F15184186%2Fturtlediary_rightrail_2%2Fturtlediary_rightrail_2&maxw=336&maxh=280&si=956833&pi=3&bf=336x280%2C300x250%2C250x250%2C300x100%2C300x50&schain=1.0%2C1!freestar.com%2C1564%2C1%2Cfe40b62f-0043-413d-af51-4264084eb444%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.turtlediary.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.11.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-11-1.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
auction
tlx.3lift.com/header/ 		19 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.turtlediary.com%2F&tmax=740
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.76.40.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-40-2.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
4f3a29b00449660f0ffbe741e97b1c03492abcb0e1722b1c0a573612e56e5e99

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 23:52:46 GMT
bid
ap.lijit.com/rtb/ 		95 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.48.0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
8fccd1b16e7908e01dcf3dede92dd655790a37ee261daff7fbbb19d2c64a7c24

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 23:52:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.turtlediary.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
hbjson
grid.bidswitch.net/ 		25 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.7.59 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
59.7.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
966269ebdf4b5e678bf7be4ac3aa0ed983362eaac8e5786bc01472daf74a941f

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 23:52:46 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
prebid
ib.adnxs.com/ut/v3/ 		139 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e7eb2f5d386eac7d24d6289e55ae596969a8da2e2202c123c5333301a64f5322
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
an-x-request-uuid
919129f1-5ecb-4f66-895a-925d8aa3ff47
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
1ffdb3fb1f2d046095ef716a8b47e50a07e4554a79f21623c133bc7f19b30d33

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 563F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
date
Thu, 23 Nov 2023 01:08:17 GMT
x-amz-cf-pop
SYD62-P1
age
81870
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
gvUVFRqy9S1NqkqQvqtIcLzsIA7cR_tv8QI2rzST62ID6KTtVlv_DQ==
css
fonts.googleapis.com/ 		2 KB
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D32345F30317D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700783565&csuuid=655fe5cd86b79&debugInfo=17256970_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 23:22:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 23:52:46 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2C70 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D32345F30317D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700783565&csuuid=655fe5cd86b79&debugInfo=17256970_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139079
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 23:52:46 GMT
expires
Sat, 25 Nov 2023 14:30:45 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 0B3B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26adv...
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=5ae7fe55-3689-4faf-8e44-4f64b5159078
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=5ae7fe55-3689-4faf-8e44-4f64b5159078
43 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=5ae7fe55-3689-4faf-8e44-4f64b5159078
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D32345F30317D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700783565&csuuid=655fe5cd86b79&debugInfo=17256970_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 23 Nov 2023 23:52:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
x-amz-cf-id
tObVtlU7pL7Q82M_IUmyyvPwAyg8_IooqoxvcMyjGp0HxKxdX7rLTA==
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:46 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=5ae7fe55-3689-4faf-8e44-4f64b5159078
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
x-amz-cf-id
1iQbw9qrZlZELCryXLajn-csfTLN5ySS376vHtxygs1HlVh_wS4lyg==
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
liveView.php
live.primis.tech/live/ Frame 563F 		120 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwUyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ0ODUyMxZ2nWRyo181ZwFyZzQ5OTJuYWNxMmI1MDE2MDplJTJGqzyxNWYlYWM3YwM1YWY0ZTQmMmI2NTxkNC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJMUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TxRRNE5TOTJuV1JfYwE4MVcdRzknoVE1T1RKnFyXTzgNrxxkTURFMx1EY3yMM1cjWxRWoU1gRzcOMxy6TyqGoU5HVTBNrx15TzcVNU1UUXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrxF3Tzceq05EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM01EQTRPRFE1TWcBS2ZRLyFTV0uSnauenGE4OWxgUxkNRDFOTzZYrWRhS2c5WS1yqyBhnwV2UFFNN2pzqzyxX2NioaRyoaRsnWQ9OTM1NTQmJaZcZF9wo250ZW50X2Ryp2M9Q2uupzkcZSgDo25aYXMeV2y0nCgHoG9lnWEeRXN0ZWZuovUlMSZ2nWRsY29hqGVhqF90nXRfZT1DnGFloGyyK0NiozquplgXnXRbK0qfo3JcYSgFp3RyZzFhJTIkJaZcZF9wo250ZW50X2R1pzF0nW9hPTEkNSZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kMmA2MvZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqHVlqGkyZGyupaxhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmMlRDMkMmElRDMlMmQ1RwMjMmE3RDqCNmMmMTM3MmImNTM2MmxmNmMjN0Q3QwQmMmpmNmqEN0I1MmY0MmM2NDMmNEM2RTUlMmE2MmZFNTI3MmVBNTp1MwpjNTx1ODRBMmU0QmZENEU3NwYlNTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwRDMmpmNmM0Mmt3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LaR1paRfZWRcYXJ5LzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9LTMmJzqyo0kiozp9MTQ2JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkOS4jLwYjNDUhMTU5K1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMWZlZWVmqGFlLzNioSUlQmE1NwQyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1NWZyNWNxODZvNmxzY2J1p3Rypw0kNmAjNmtmNTY2ODE2
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D32345F30317D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700783565&csuuid=655fe5cd86b79&debugInfo=17256970_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
71dbd6930e59dcb260c08741ae72261275139765dbe949ca7e98516aa422c1dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
10695
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
nusxvllaOFo3qNz4A1AZQZFe4Kc3PdJBRp_Xg6PiGjkvDp3O0zIgfQ==
chunklist_480.m3u8
video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/ 		773 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
88ead20839122c0145320cfe2854b19d2e87d2850dfb71977caab6be3813b641

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:24:27 GMT
via
1.1 117ba34fde3b271fec940af3fdfd86d4.cloudfront.net (CloudFront), 1.1 ad0709bedfde2db64fca0e2b4d741932.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, LAX50-P1
age
4936
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
773
last-modified
Wed, 18 Aug 2021 10:06:33 GMT
server
nginx
etag
"f8ea9ab0641a2fa305bfd5c93f4c8cb2"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
HWkBtCrkkg4JZQN9Axs1Mncds_TRU2SKXIgXsUT0g_1Ej5H65oAtpw==
expires
Fri, 24 Nov 2023 22:30:31 GMT
liveView.php
live.primis.tech/live/ 		0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTpjMDp4MmU2NvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE0NTY0JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPXq3ql50qXJ0oGVxnWFlrS5wo20zp3VvSWQ9q3q3LaR1paRfZWRcYXJ5LzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmMlRDMkMmElRDMlMmQ1RwMjMmE3RDqCNmMmMTM3MmImNTM2MmxmNmMjN0Q3QwQmMmpmNmqEN0I1MmY0MmM2NDMmNEM2RTUlMmE2MmZFNTI3MmVBNTp1MwpjNTx1ODRBMmU0QmZENEU3NwYlNTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwRDMmpmNmM0Mmt3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTE5LwAhNwA0NS4kNTxyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY1NWZyNWNxODZvNmxzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTpjMDp4MmU2Nwp5NlZ1nWQ9U2VenW5xo1NQoGF5ZXI2NTVzZTVwZTImMDI4JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50qXJ0oGVxnWFlrS5wo20yMxYzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1cnXEzpHucZD1yMzMkNmyuMGQjNDY4MzY2YWNzOTx0OTJzMTQkMwU0NA==
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
G3G0O7oyB-qABmUiLBWp5kMb6bpmP3tZ47hUHdesNVCQGdyN3Ycsxg==
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame 563F 		35 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.27975.space.114564,adsize.400x272
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
x.bidswitch.net/ Frame 563F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=3cc72092-cbe6-47a1-a4f7-0360898fc560&google_hm=M2NjNzIwOTItY2JlNi00N2ExLWE0ZjctMDM2MDg5OGZjNTYw
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHc25xBb2AFVZofldoRsqes&google_cver=1&ssp=sekindo&bsw_param=3cc72092-cbe6-47a1-a4f7-0360898fc560
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHc25xBb2AFVZofldoRsqes&google_cver=1&ssp=sekindo&bsw_param=3cc72092-cbe6-47a1-a4f7-0360898fc560
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 23:52:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHc25xBb2AFVZofldoRsqes&google_cver=1&ssp=sekindo&bsw_param=3cc72092-cbe6-47a1-a4f7-0360898fc560
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=8dbad5b6-2f99-471c-876c-6c700708221d&gdpr_consent=null&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=8dbad5b6-2f99-471c-876c-6c700708221d
43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=8dbad5b6-2f99-471c-876c-6c700708221d
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
U9jKN0pVs9kayREAHHKzAPxtp0D3sptRVctlBHMaLPuFlIKAa3qLKg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=8dbad5b6-2f99-471c-876c-6c700708221d
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jSuQg7J95Mq_ulFHaC1MMTQZm97pJdaxBJH6j9VEj69yxlyZ5ZKmCg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZV-lzhynmEB9jLIUcQ17wgAA%264705
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZV-lzhynmEB9jLIUcQ17wgAA%264705
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
d507j7-RYeNdpZlQdL4sDXW8ljVsuLIhF-v2N_pqeFSTLSrLq7cy0g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZV-lzhynmEB9jLIUcQ17wgAA%264705
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
5cIRYtU5qc3czD0bZQPl6nbAXbB5-sKASybICn67CF5v3UWMc_tgLw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=4432233494926843335826
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4432233494926843335826
43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4432233494926843335826
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Jj0UR0Lobv_qLwVaz0AMR31rGhD8VPBOiIOK4SDk39ZMm3bIN1nWPw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4432233494926843335826
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
8dps282kdnCsXi6BNPUkcVo2l6wAo55hkvMKqU0w20lKqe-oQds7RA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPBUMEW9-N-2Z93&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPBUMEW9-N-2Z93
43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPBUMEW9-N-2Z93
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
OWLa1lqiOLeW8sz3kHpv4c7KIqmSnfMHudsRKzs7jfapgZL9qcIOkw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPBUMEW9-N-2Z93
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
b-yiY64AoTJNaET1BF4g18hhFKOJ8yZRD0MzWv7C--NOkKeJ5MuuEw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-2dFoKitE2uKnZjrS2J7UtwiLvg.jkVfb~A
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-2dFoKitE2uKnZjrS2J7UtwiLvg.jkVfb~A
43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-2dFoKitE2uKnZjrS2J7UtwiLvg.jkVfb~A
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
IgDxhZrzYse2O3uviOWCkoCZ5Zhz-zKlua2e1iuYWHXgg6vilt4_Bw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-2dFoKitE2uKnZjrS2J7UtwiLvg.jkVfb~A
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
PVltcSDhhw210cF01obvcpi-XfO0fmK4TG3Q3dPbijPNaCTHHvstMQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=490ae67b0c49450a8be7b274506cf215
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=490ae67b0c49450a8be7b274506cf215
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=490ae67b0c49450a8be7b274506cf215
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
gjkqF4Jvps5liYPpEefv-8zgiAIaOUCYSEyv71v-xkNuyVo_EfDKGA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=490ae67b0c49450a8be7b274506cf215
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
FAS_qRnp4kqeUDIzWiWS6YoLJFlkUBXJbKELwCAbMaMPxI1RpP-SUQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=655fe5cd86b79&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3437851672889994000V10
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3437851672889994000V10
43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3437851672889994000V10
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
cVBrF2IwJbdO88LKfibHCOSeYk7-Zw6nOQB1qFRjFqW6e73zuZDp2g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3437851672889994000V10
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
i6mkmk276tih5kTEWg3kLxp2_D3ifGnrLNSsnOlX5nhhpD-da3q7yQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=HtPYCBZHK455dcM8RgS60SKz
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=HtPYCBZHK455dcM8RgS60SKz
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=HtPYCBZHK455dcM8RgS60SKz
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
42G_ka_a-tzxg7LNo0C6Od0p72uEQdletajqpeWouQRH9cypB6eT4w==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:46 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=HtPYCBZHK455dcM8RgS60SKz
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QcoxtnaeB15BcjcF9D3CK5ky9GvU1RyK-AbsaiFLDF09cWAV58-AHg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=194134d25b8e7f49e6297c71ab29890&gdpr_consent=&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=194134d25b8e7f49e6297c71ab29890
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=194134d25b8e7f49e6297c71ab29890
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
6ckBGj7MXOb0f1-YsCbShP5QxTfiWw7Yyoo_OD7-d0M-1jyt9ru4cw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=194134d25b8e7f49e6297c71ab29890
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
4hzkCq0Tx3FkEjPfCWEmD01BpM1qGlL-jfcn3QDWwndKjgL_j50gXg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=31abebff-afd5-4662-a348-a6b399a78fbb
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=31abebff-afd5-4662-a348-a6b399a78fbb
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=31abebff-afd5-4662-a348-a6b399a78fbb
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
1OzMlX0XNuO2ciWDUh0M_jGmvegemRPr4tU_dGWdXbXzG0TVEei5qQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=31abebff-afd5-4662-a348-a6b399a78fbb
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
hlgRjcnJKSKT1bKHYrDkYKyGx-bie_42SMGrTcLaij05uOC9CRLLAg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=8367014382429034701
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=8367014382429034701
43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=8367014382429034701
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
mZ-1WbErdjKCMobbtMCgPzcGpGEIS-3WS-iZuWqUuc-TSnMFYSZ9_w==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=8367014382429034701
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
NKF9VU6bk5LCiApjELLT_7W-copUBg9LfykIsksTCA1ZJIBm_IjUhQ==
cookie
cm.adform.net/ Frame 563F 		43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:48 GMT
server
nginx
content-length
43
content-type
image/gif
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=93b9f0fb-9ff4-4e23-914c-3da2902f1b41&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=93b9f0fb-9ff4-4e23-914c-3da2902f1b41
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=93b9f0fb-9ff4-4e23-914c-3da2902f1b41
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
uJLQiGDN1_ZvBZHoSuSJ4r8l0u6P1ifycijaCIzdQLLOYm1NP3GLjg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=93b9f0fb-9ff4-4e23-914c-3da2902f1b41
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ahN-kElNqhETW3eV6I-gW0BmSG-vBzdotcmNCDG4BFF4KRLb80tC3Q==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 563F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1700783567847
  • https://ad.turn.com/r/cs?pid=45&rndcb=7006105378
  • https://sync.1rx.io/usersync/turn/3845728713393831377?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-38...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
43 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
OfHiAsz7eglBYrpEh1xL85OMl-wKv9SF380-KA22J49U2WSFMDwWTQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
GaUlLDW4ZsscrBO7KhnP0HRpL8YHtVi3e5fXI60Dl1u32LVpv1z0HA==
vid5f2ac7b35af4e433265914.jpg
video.primis.tech/uploads/cn25/video/users/converted/24485/video_5f1efd992aacd325016072/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn25/video/users/converted/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.jpg?cbuster=1596639157
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
966f958137fce9d27b6ac2ed207b7288fd830ec8f2f197409bf1996f80e0d94a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 01:10:00 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront), 1.1 06fa0f3b57bb062326f863cfef461d62.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LAX50-P1
age
81767
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
23418
last-modified
Tue, 17 Aug 2021 18:12:58 GMT
server
nginx
etag
"c55abd64fac947a05a6d5d556a533ed6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
LMqMLhAEhZAcpN_3_UvPE2LsOqiKo_wtGjB2JHwvS-QVZ1Lvzrgt5Q==
expires
Fri, 24 Nov 2023 01:10:00 GMT
liveView.php
live.primis.tech/live/ Frame 563F 		102 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwUyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ0ODUyMxZ2nWRyo181ZwFyZzQ5OTJuYWNxMmI1MDE2MDplJTJGqzyxNWYlYWM3YwM1YWY0ZTQmMmI2NTxkNC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJMUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TxRRNE5TOTJuV1JfYwE4MVcdRzknoVE1T1RKnFyXTzgNrxxkTURFMx1EY3yMM1cjWxRWoU1gRzcOMxy6TyqGoU5HVTBNrx15TzcVNU1UUXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrxF3Tzceq05EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM01EQTRPRFE1TWcBS2ZRLyFTV0uSnauenGE4OWxgUxkNRDFOTzZYrWRhS2c5WS1yqyBhnwV2UFFNN2pzqzyxX2NioaRyoaRsnWQ9OTM1NTQmJaZcZF9wo250ZW50X2Ryp2M9Q2uupzkcZSgDo25aYXMeV2y0nCgHoG9lnWEeRXN0ZWZuovUlMSZ2nWRsY29hqGVhqF90nXRfZT1DnGFloGyyK0NiozquplgXnXRbK0qfo3JcYSgFp3RyZzFhJTIkJaZcZF9wo250ZW50X2R1pzF0nW9hPTEkNSZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kMmA2MvZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqHVlqGkyZGyupaxhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmMlRDMkMmElRDMlMmQ1RwMjMmE3RDqCNmMmMTM3MmImNTM2MmxmNmMjN0Q3QwQmMmpmNmqEN0I1MmY0MmM2NDMmNEM2RTUlMmE2MmZFNTI3MmVBNTp1MwpjNTx1ODRBMmU0QmZENEU3NwYlNTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwRDMmpmNmM0Mmt3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LaR1paRfZWRcYXJ5LzNioSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9LTMmJzqyo0kiozp9MTQ2JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkOS4jLwYjNDUhMTU5K1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMWZlZWVmqGFlLzNioSUlQmE1NwQyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1NWZyNWNxODZvNmxzY2J1p3Rypw0kNmAjNmtmNTY2ODM4
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D32345F30317D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700783565&csuuid=655fe5cd86b79&debugInfo=17256970_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
0d71b8cb8d3ce6a22b11bc6b34023ba9ff9a00470ab1915f888f243a6d6e782d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:46 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
11369
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
lUHm6FFJwWcsF9SZEStRUMRRKeTobGQZ2_X08MmNKACa7PdDZd6VaQ==
PugMaster
image6.pubmatic.com/AdServer/ Frame 2C70 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14786769&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a87e670b5f030bdc06abd0237adcde32bc1914705e0a137a4bce997ad91fe610

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 23:52:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.turtlediary.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:50:19 GMT
x-content-type-options
nosniff
age
529347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 20:50:19 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 563F 		186 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ddde42b838df34e811616678de619c67de435d02f058004fa6a09b4c835a5c1c

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.turtlediary.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
v1
btlr.sharethrough.com/universal/ Frame 563F 		534 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.24.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-24-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
9ce999a407cf24f16d8b3d52923f53505d7153314749794d0d153608e5873716

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:47 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
306
liveInternalSsp.php
rtb.primis.tech/live/ Frame 563F 		25 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgWygT6mtS%2FwVU7T7tfakL%2FButp5YqDxMNj5mHU7KfJBbplliJBPw105JyS048mJCCU2jgdZQTd9WgVy8%2BXU9zZlqR9EAFPE%2FvRss%2FOjcS%2FR6qj3PL6wNWqhSjKlen5%2BrBjjttiK3VdI5vddJXgO4KUWvLq9171L9iLD0LT2YXgtbeyS1OuzdUeTr2tStC5XSuoDCuy1Y1rKomMJ0Nruide08NqT3D0btj5AqWUa5TQZ0geZWeF3qx1tkfWRZEYRjtFAUbA7IVfKn8o3fGerbvXDUoHH2usOBq3A31S%2FeACFVDQ7ZYPndLPYdcLO8VNmc0Fuq8Jm0axY3tW1PqxLxpKN9YXULqtQTls3oU3R61U%2BbeL2x11PGx%2FxnFZNm6EJ4bDMAuY15pglgMVCf89sodaIP8n9mcO6n30KaFGujjxL7lZ1ZV%2BCRncedg8B9Du8LeX%2BFuVItu5xItZEa39mFL%2Ftx%2Fv6nc6Dqn%2FMRA3wKNZ0GpnRE%2F%2FsiXe1rzjoBv96BG%2BIWSr65Zmd0uyjwyQRuxYZIGKM2BpbgXWDBPwyW5jx7Z09wFQ%2BXoKXH1pqNM9k0IXiAOkUkCN0ncBBXP2edf%2FFwsKNVI83pJ391hF4AHIONKufVTQPwWEFkLg4bLrvpziAmEG8ErMHz64RUwT9OKluipt8ArCnKXVelZ8w5otR8PCk8z5Cuyt9T1rT%2F4ufdCedwjj%2B1Vkzwj2wawVZmefeFgWvV1jTzicR%2B%2Fau%2B%2F0Rff5ZrBSjsGQCnxfpnkjaTBajbe%2BRYmZ4cJRW3VHS0xU66Lhd6x9mdLRiUxJZCmFa4HSLiyeSCO%2BsLGKploPY3o1thJLE1XNCXyPCgzxD49oyWp3J8JXJp9BdVaJ6xFridb7vD%2FL32nGU3xWAxvqvWcynvCzwbAu8o3%2BTk10yyM0aI%2BR6TERVmGBQaDJAQHmEvCfwKN83tOKuq5fSdSYy7voJWWYZlxWTSagCRrZA64wPQQBpc3A9WUcx1oEFYGXKm%2FcccyGbZuxnHTrVFEc0z8jdrtpavnbBAGf1WnmDI3bx2e0ygmKlBDF1XFq3Q8Wcr0nNrX9YdLLVnTCnXwcppWuMAGvU2VgdvY3GtX2TFeyf%2F6jZqfXEQrTCKQN05A0AEf9kFcQ62GIWHsLytC3FbBK0GcVFvMQ9nmHDJnWfLGAdYkS%2B8oX1jw2JoJQFFvZuYH0zmHcfQNDgsAf%2Fogq3ag%2Bbv3DWoehh%2BSUWArb7xR2upbtpz9P4coedWt%2Fm3HmUy8AVZLblU8f54Gcb8ieKTMmGzvRWxK0SkKfmR08qEIWeDlWfezfv7c4ltIPM7Btii8JpX9%2BNDFdskFFRqDbZUxheKcbQgIgkSePqJtPVV80%2BRDPd%2Biuzn765NhAX5GrQZDyYPnWyFR4%2BdfsnLvozdpbzAXskAWopEIekiBs6qEwYIMyk0b9RGsmrlUfCBThuqY0zXFhsUdCzkgADssyt0WdiYTRM9fu%2FHf4XnDrllGZkwxXgYTM7a2wAdTbNuk%2B8zevXEr5Y76mGhsvgA8mJCs%2Bp%2F0h58HbZiQ6LyZ7RhgSlJiIJVlk4VwiyerkXzSR9s%2F8q1r%2FKyTmDuOnmrHg7ADQolnfCvTSj5tr1yLJSt2DbfXK1kJ0PD%2FFZH%2BYuVwlWTexZka5xzhZ7citU%2BqcEN8laPxoHIEPb34Pj4%2Bqq19R3jCYsXwS7CUJxzsLW8JS%2Fa8RVRldkcnyj2Hsx2AjkGJD61%2BJi4PTsl58pZoJL6WNJX4vVieHJX4Hi9HSamq3XqMsBCtZ%2BaxcqmP4POd3Lqmdo%2FKsWsjdqk3IX6Q%2B7BIutvdJWlNqI1Oek66VEymF924iK24x5NA5JiqinNABNy83xpR2%2FgPFHy7FMasDEW0cCxUSZ3Dw0IRw%2F8wbYwh7whvvA623YoS6tUYQsMf6jHwLWEEkS6MJ3CxG3vz1vnj6IPHmOUZzMH3Z44vM1f9AuefZO0TGX4QMdSjlHjoZOtxHSBDFbn5W6z%2BHuaG%2FB8HGoehihsGk%2BZJoonQrC8hLfLQcfoo7axtgmE8NpNjn49%2BuaEae915uA1fCdq4cmKSARKPAYOwgvW8jHNiq6IX8n%2F2QED7CinyU%2F8Y9xh3W2wZpsMK9tUE71ECFF77r0LcLIh9tXRvYhndHAGi%2FQoZ5%2FLgB8FeHL8ViBcJE%2FCnrzi9Y%2BDV5%2F9A8Gd6%2B7%2B4e6l3uP%2Fz%2FOh9qcZTBIsimdi7f7pQwf5Sa3y%2FZ9xgL3%2F8maJi1BFCrTnqkCty2x%2BIObAb26pcvDIvri6zZm0sjui6DdqzvmPTrH9hOY11iYvaAdBgS9WG9%2FdaZ9aAh25G3y%2Fr%2FPLVXOXbwwD1rs5375w8h29rJa%2FrjaxcUXD1QsUacf7wNX5tn72qpYXeqrgsGrvhNA1XCVmlTiYOjECBDQ5ebVOXShZ1kAoRAJgApO%2FdN1l1Q%2BjYT2%2FZ1t8zn0Db7oZkMQLXJjDI7HHi8apMV5%2BIYM3r9SqgIybYzjlalHBPbBXrOoF19kY%2FwfhHG1lCSddhWE3ugbllfmVLdfnyVuSAb%2BKEV64TzdD10bCbq7V1UhbqLa2gSz8Nz50qsWc1waQVOBLb1S3t4xvsvOzZXhnupCDvcf8J18TMzsv%2Bi%2BNy9qIFrAWI35VnZDDqh4XxVHBHCb%2F7c3PWL7ok%2FjsfraSe%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:47 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
ZiE1FpQhMPnQ3IFXuI4dPUXGeVzoe4Hdau4AhjemdaKpoVBx7y1HkQ==
translator
hbopenbid.pubmatic.com/ Frame 563F 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 563F 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 563F 		37 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2210f4176cfc2543e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.turtlediary.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.turtlediary.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2FPRM%2F114564%2Fwww_turtlediary_com%22%2C%22adunitcode%22%3A%22adUnit_6%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211e39c5a2abb43f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22tid%22%3A%223dc27122-9207-48a1-881d-747183eb668c%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F114564%2Fwww_turtlediary_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C11%2C12%2C13%2C14%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22placement%22%3A3%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A1.3%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221564%22%2C%22hp%22%3A1%7D%2C%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2227975%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22crwdcntrl.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22573c5d881cdab3d3bc00402217c416d53938655b9bfb4b8da6f5d0345628eedc%22%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d5000b61-8bb2-43fa-81c0-410805f54767%22%7D%5D%7D%5D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
737b9926931d3e5f92d3b99d96c322adb6195eefeb84fd1fcf2dd5a4c3de70a0

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7n5J9ThJEDTHj4kYDg0BIgWA9iLtRbSaWnF9AR9%2BAgnE7V8K49kZT0jLQhIlP%2BG00Dr6DGHaqGwqD%2ByTwnvn9UM3HpE3HX4e0F%2Bvt%2BuAEvi1Riv6KYs%2FBNieD9e7dtdKClFblG2p"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82ad53ee4f8aa955-SYD
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
270fd5ef990d8cdcc91e68e2ddb14b00d9403ea70a146d60622c246161374c0b

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:47 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 23 Nov 2023 23:52:47 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
ads
securepubads.g.doubleclick.net/gampad/ 		316 B
223 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4037120793813158&correlator=3834674502831778&eid=31079673%2C31079694%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=15184186%3A5358318%2Cturtlediary_rightrail_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C300x100%7C250x250%7C300x250%7C336x280&ifi=3&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3De347db05c2ac62f4%3AT%3D1700783565%3ART%3D1700783565%3AS%3DALNI_Ma-_ba_RBniICdMN8quouTnphtmsw&gpic=UID%3D00000c9604f894fc%3AT%3D1700783565%3ART%3D1700783565%3AS%3DALNI_MY5ERMDBpNW1GcFVla3NrQypbOWOg&abxe=1&dt=1700783567087&lmt=1700783567&adxs=1240&adys=183&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.turtlediary.com%2F&vis=1&psz=400x-1&msz=400x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1678017089.1700783564&ga_sid=1700783566&ga_hid=1170208718&ga_fc=true&ga_cid=1184689771.1700783564&a3p=EhsKDGlkNS1zeW5jLmNvbRiI2-b0vzFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJANTczYzVkODgxY2RhYjNkM2JjMDA0MDIyMTdjNDE2ZDUzOTM4NjU1YjliZmI0YjhkYTZmNWQwMzQ1NjI4ZWVkYxie1Ob0vzFIABIZCgpwdWJjaWQub3JnGLHU5vS_MUgAUgIIahIXCghydGJob3VzZRjr0-b0vzFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pWm5VMGJuWk9Ua2xUUzNWUk9YaEhkbEJZY21kclFUMDlJbjA9GLXU5vS_MUgA&dlt=1700783562511&idt=2166&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3Dbe4040b3-1215-407b-a036-6b97ebb92186%26fs_placementName%3Dturtlediary_rightrail_1%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout&cust_params=user-agent%3DChrome%26fs_session_id%3D8c363077-3a1e-458f-82b0-67ed9265b43d%26fs_pageview_id%3D41dd9f03604084fd52d200f3ad1731c1%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D2%26fs_clientservermask%3D220232331212212102112%26fs_testgroup%3Doptimised&adks=469835515&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
57c93e86e7b10612f05de7652b2bce658199b0c60eb9ec6c71feb50ad52edc58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
sync.mathtag.com/sync/ Frame AADC 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 53CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4572801297682017392&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4572801297682017392&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
f160a319-603f-4788-8e3d-fa0ad0abf85a
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4572801297682017392&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
sync
x.bidswitch.net/ Frame 30B4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f958b8ca-fc9a-4181-9fe9-ebc3226aedb7&ssp=pubmatic
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f958b8ca-fc9a-4181-9fe9-ebc3226aedb7&ssp=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 23:52:48 GMT
Server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 23 Nov 2023 23:52:48 GMT
location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f958b8ca-fc9a-4181-9fe9-ebc3226aedb7&ssp=pubmatic
via
1.1 google
Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2
b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/ Frame 21B9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/pubmatic/?gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s...
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
19 B
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.191 Hickory Hills, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Content-Length
19
Content-Type
text/plain; charset=utf-8
Date
Thu, 23 Nov 2023 23:52:48 GMT
X-Content-Type-Options
nosniff

Redirect headers

Content-Length
216
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 23:52:48 GMT
Location
/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6F42
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZV-lzwAB4Qvx7QBd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 23 Nov 2023 23:52:47 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300056-BFI
x-timer
S1700783568.774374,VS0,VE67

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 23 Nov 2023 23:52:47 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZV-lzwAB4Qvx7QBd
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300056-BFI
x-timer
S1700783568.547501,VS0,VE69
Pug
image2.pubmatic.com/AdServer/ Frame BB47
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=R1656BRe7-tcW-65Rw6h60Ff77pcCbS5Elm7vgzj
42 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=R1656BRe7-tcW-65Rw6h60Ff77pcCbS5Elm7vgzj
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 23 Nov 2023 23:52:47 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=R1656BRe7-tcW-65Rw6h60Ff77pcCbS5Elm7vgzj
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 331A
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ga5di2cane
1 B
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ga5di2cane
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Thu, 23 Nov 2023 23:52:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ga5di2cane
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame BDD4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
42 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 23:52:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 23:52:47 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame D449 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 62EB 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 23:52:46 GMT
expires
Thu, 23 Nov 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
419907
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
cm
ipac.ctnsnet.com/int/ Frame 2C74 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 23 Nov 2023 23:52:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame D11E
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=ff1ad6d7302d4690986ab88eaa6f6463
42 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=ff1ad6d7302d4690986ab88eaa6f6463
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Thu, 23 Nov 2023 23:52:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=ff1ad6d7302d4690986ab88eaa6f6463
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
image2.pubmatic.com/AdServer/ Frame E713
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1d80bda0d2304619906361725033a9c6
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1d80bda0d2304619906361725033a9c6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1d80bda0d2304619906361725033a9c6
pragma
no-cache
server
Tengine
Pug
image2.pubmatic.com/AdServer/ Frame 123E
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HHqbwVdtDV6mwmv-z-VfZQ
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HHqbwVdtDV6mwmv-z-VfZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 21:37:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HHqbwVdtDV6mwmv-z-VfZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 62E7
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=680f874e-8a5b-11ee-b797-8b289c061b88
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=680f874e-8a5b-11ee-b797-8b289c061b88
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 23:52:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 23 Nov 2023 23:52:48 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=680f874e-8a5b-11ee-b797-8b289c061b88
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1b-delivery-2
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame A76B 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 23:52:49 GMT
Pragma
no-cache
Server
nginx
expires
-1
pxd
dps.jp.cinarra.com/ Frame 4DE4 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=0A657C5F-D245-45A8-9BC1-CB8389B02520
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.135.209 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-135-209.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Thu, 23 Nov 2023 23:52:47 GMT
i.match
s.tribalfusion.com/z/ Frame A2DC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82ad53f35df7aaf0-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 23:52:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82ad53f10a7caaf0-SYD
content-type
text/html
date
Thu, 23 Nov 2023 23:52:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
509
141
match.deepintent.com/usersync/ Frame 9F40 		0
45 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Thu, 23 Nov 2023 23:52:46 GMT
server
c
cookiesync
core.iprom.net/ Frame 39A8 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 23:52:48 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-df37695fb009@version_1.576
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame EE42
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 23 Nov 2023 23:52:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 9030
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=0A657C5F-D245-45A8-9BC1-CB8389B02520
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=0A657C5F-D245-45A8-9BC1-CB8389B02520
43 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 23 Nov 2023 23:52:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
x-amz-cf-id
goEDwL2L7zz7waplfI8elthY9Jba_kOxT3ANJgKYEOqPtds_mNXwMQ==
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:46 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=0A657C5F-D245-45A8-9BC1-CB8389B02520
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
x-amz-cf-id
_T6LLicCzoKdK3DnnQNaPJyAUQuNeGf3lbl0fuW9XrwuTYGgv-OOhg==
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2C70
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CmV8X9JFRaibwcuDibAlIA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:47 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=139078
accept-ranges
bytes
content-length
5622
expires
Sat, 25 Nov 2023 14:30:45 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 2C70
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0A657C5F-D245-45A8-9BC1-CB8389B02520
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4572801297682017392&pt=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4572801297682017392&pt=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
an-x-request-uuid
648f4b0f-a3bf-4e89-89ae-1424bab18aac
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4572801297682017392&pt=2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19%2C%2C
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 2C70 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.12.45
content-length
49
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 2C70
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0A657C5F-D245-45A8-9BC1-CB8389B02520&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0A657C5F-D245-45A8-9BC1-CB8389B02520&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0A657C5F-D245-45A8-9BC1-CB8389B02520&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:31 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:31 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0A657C5F-D245-45A8-9BC1-CB8389B02520&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2C70
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEE2NTdDNUYtRDI0NS00NUE4LTlCQzEtQ0I4Mzg5QjAyNTIw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2C70
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHZEqQEqOHomDxQiwRVfEkA&google_cver=1
42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHZEqQEqOHomDxQiwRVfEkA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 21:50:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHZEqQEqOHomDxQiwRVfEkA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2C70 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.209.251 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.209.124.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 22 Nov 2023 23:52:47 GMT
0A657C5F-D245-45A8-9BC1-CB8389B02520
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2C70 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0A657C5F-D245-45A8-9BC1-CB8389B02520?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.188.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-188-244.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 2C70
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
42 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 23:52:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 23:52:47 GMT
server
Kestrel
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 2C70
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0A657C5F-D245-45A8-9BC1-CB8389B02520&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Oy3DkWFE2uVqTGFmDF.xEFKjdLvtKSk-~A&gdpr=0
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Oy3DkWFE2uVqTGFmDF.xEFKjdLvtKSk-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 21:33:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Oy3DkWFE2uVqTGFmDF.xEFKjdLvtKSk-~A&gdpr=0
date
Thu, 23 Nov 2023 23:52:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 2C70
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3917786307431759313&gdpr=0&gdpr_consent=&us_privacy=
1 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3917786307431759313&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3917786307431759313&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 2C70
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8162966499268527634
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8162966499268527634
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 21:39:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8162966499268527634
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2C70
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=651c137dd9e9228f&is_secure=true&networkId=17100&version=1&nuid=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRxyfTNiCQwMUWD68AAAAAAA&expiration=1700869968&nuid=0A657C5F-D245-45A8-9BC1-CB8389B02520&...
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRxyfTNiCQwMUWD68AAAAAAA&expiration=1700869968&nuid=0A657C5F-D245-45A8-9BC1-CB8389B02520&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 23:52:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMRxyfTNiCQwMUWD68AAAAAAA&expiration=1700869968&nuid=0A657C5F-D245-45A8-9BC1-CB8389B02520&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		316 B
212 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4037120793813158&correlator=3834674502831778&eid=31079673%2C31079694%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=15184186%3A5358318%2Cturtlediary_rightrail_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C300x100%7C250x250%7C300x250%7C336x280&ifi=4&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3De347db05c2ac62f4%3AT%3D1700783565%3ART%3D1700783565%3AS%3DALNI_Ma-_ba_RBniICdMN8quouTnphtmsw&gpic=UID%3D00000c9604f894fc%3AT%3D1700783565%3ART%3D1700783565%3AS%3DALNI_MY5ERMDBpNW1GcFVla3NrQypbOWOg&abxe=1&dt=1700783567372&lmt=1700783567&adxs=1240&adys=515&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.turtlediary.com%2F&vis=1&psz=400x-1&msz=400x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1678017089.1700783564&ga_sid=1700783566&ga_hid=1170208718&ga_fc=true&ga_cid=1184689771.1700783564&a3p=EhsKDGlkNS1zeW5jLmNvbRiI2-b0vzFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJANTczYzVkODgxY2RhYjNkM2JjMDA0MDIyMTdjNDE2ZDUzOTM4NjU1YjliZmI0YjhkYTZmNWQwMzQ1NjI4ZWVkYxie1Ob0vzFIABIZCgpwdWJjaWQub3JnGLHU5vS_MUgAUgIIahIXCghydGJob3VzZRjr0-b0vzFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pWm5VMGJuWk9Ua2xUUzNWUk9YaEhkbEJZY21kclFUMDlJbjA9GLXU5vS_MUgA&dlt=1700783562511&idt=2166&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D29193551-28ba-40f3-922a-d13563846d63%26fs_placementName%3Dturtlediary_rightrail_2%26fs_ad_product%3Dbanner%26fsbid%3D0&cust_params=user-agent%3DChrome%26fs_session_id%3D8c363077-3a1e-458f-82b0-67ed9265b43d%26fs_pageview_id%3D41dd9f03604084fd52d200f3ad1731c1%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D2%26fs_clientservermask%3D220232331212212102112%26fs_testgroup%3Doptimised&adks=1327134113&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
49147fd978355944f2cb567e8579ba6b81affc569aa0e386c7e53bc8808de9b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.turtlediary.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
w_480_00000.ts
video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/ 		364 KB
365 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
ff13096e02f6534f37880161972d56fd39cd83bb11998dab5af22a9c49ef1e78

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 00:37:15 GMT
via
1.1 1260542438eca30108fbd1ad5f992372.cloudfront.net (CloudFront), 1.1 ad0709bedfde2db64fca0e2b4d741932.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, LAX50-P1
age
170132
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
372428
last-modified
Wed, 18 Aug 2021 10:06:33 GMT
server
nginx
etag
"5f5e90823edca7487e98eafed3e8023e"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
ZCYiLsxGV9RIEVt0dN8J-KqdJzQ3kSeg8WFoZJZ--4mmdMz8fqqEfw==
expires
Wed, 06 Dec 2023 00:37:15 GMT
ebb77f46-3049-48fe-8f3a-30c53d3efd08
https://www.turtlediary.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.turtlediary.com/ebb77f46-3049-48fe-8f3a-30c53d3efd08
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
usermatch
ssum-sec.casalemedia.com/ Frame 9724 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
473917246f8e1778e0c1ac249327e64dbd220621bbe1fb1ebac58cb915fb124f

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82ad53f2d867ab05-SYD
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 23:52:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnCjB8TMF2naQzvkttZWlnOtIeXBKYlVN7nBViA4mrHDWQdcP9b6swJMpszkvH3Qv%2FpB1zYLYojAEBYGMNlofnGK90mT8Qy09dDSgDPcubBXZ7n9SsKT1HamHwAxIOX7oDFL2Zvigoncgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rum
dsum-sec.casalemedia.com/ Frame 9724
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&expiration=1703375567&gdpr=0&gdpr_consent=
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&expiration=1703375567&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXRsIc4KqxD4GhxE8X0EkYz8hPC77TjNMAMCnw3L8X91yTl5YEqbEX4Bolpj8j6m65hz3UCIaoiktSoNX4mUBCUFqyihPodF9bEIIq3XYmBlGht1EMEg%2B6y0h7s5Ve1FuBNiik746idroA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ad53f3bebca955-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&expiration=1703375567&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 23:52:47 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 9724
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZV-lzhynmEB9jLIUcQ17wgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM26JBjvhHgHfigS0TNQwfM&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM26JBjvhHgHfigS0TNQwfM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSd1VUAstcfcdxdKwlzrXPGN%2FEqmjXdH2FTm2gCWXhhZ8jb8hi%2BkH%2BKUwe0CVOn6WxdHMH%2B36Q6S0amIN8SS029dVixViM%2F15iSEiTV%2FyndkL38busSMbJrvZOxidYR0cvhXLMJKcbjTVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ad53f51c07ab05-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM26JBjvhHgHfigS0TNQwfM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9724
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECNkwQohI6FuesB2sO3KDqk&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECNkwQohI6FuesB2sO3KDqk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lc34DPH8EBHziP3JA461nKpKAdEoFpglIpO%2BRvu6CRbIY2W6eEAY9CE1EU3Y7bJ5FHANLHhWfda%2BySHoUFFvVkhl%2BJ3u%2By1dB9szhmbqgO0hihrLzUCzju3%2B77bMd0kEoqvi3ZzxD6rBNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ad53f45a91ab05-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECNkwQohI6FuesB2sO3KDqk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9724
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1V9FAAX6RDVSMMZ2NGZN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QDGX6AEZ6WH06MQVET1N
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9724
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8dbad5b6-2f99-471c-876c-6c700708221d&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8dbad5b6-2f99-471c-876c-6c700708221d&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ODt4PUzEZDJ0h8juD1vrYYIY7dMDo2StxJP3OLW%2B6eX4pEf3E3QOyvTAP7LSI1kCSJpP6XiDXrGa%2BKDnItkI2Eilt2V4F4PeD%2BRLlY7lXzv%2FFKNXBvSxh5ZhES8e2TcYoWeiOFMpJg%2B9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ad53f54c5aab05-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8dbad5b6-2f99-471c-876c-6c700708221d&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Thu, 23 Nov 2023 23:52:48 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 9724
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3989843901469687249
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3989843901469687249
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evpYFMXa0ZRS%2FM0i6Ab4yKUBlZLr41QWF9TcWKKlylUIoU%2B8nAC3ybz86%2BP0TPKGCMEZ8V06ZdzyxJOkmjThMaUDIyGnKpguQVmMFjZiHJxA4Hzplq42FP98iqU9en11OkIhruwEJIdB1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ad53f80809ab05-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3989843901469687249
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 9724
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZV-lzwAB4Qvx7QBd
43 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZV-lzwAB4Qvx7QBd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djhcNbuYJaQ8WZ92lQplTEl3OXetlwXf%2F%2BHvfWjKX3iRdxF%2F9Ogpc0IYOrNVDZY7%2FKNlbDZo9s8Mri8KOcyyXF4HDbU2KNswL5QfxzDppzZavGplAyYIdXzqop3E1bLUG79A%2F%2FRpEv%2FC%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ad53f4ab6cab05-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-bfi-krnt7300056-BFI
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700783568.023509,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZV-lzwAB4Qvx7QBd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tp_out
d.adroll.com/cm/index/ Frame 9724 		42 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.160.240 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-160-240.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:48 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
setuid
s2s.t13.io/ Frame 9724 		0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=ZV-lzhynmEB9jLIUcQ17wgAA%264705
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 23 Nov 2023 23:52:48 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
270fd5ef990d8cdcc91e68e2ddb14b00d9403ea70a146d60622c246161374c0b

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:48 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
w_480_00001.ts
video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/ 		496 KB
498 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
f7309abef3c5197717e4ba4263728c9aafeb57fc12dbef8d499ac3047099ff60

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 00:37:16 GMT
via
1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront), 1.1 ad0709bedfde2db64fca0e2b4d741932.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LAX50-P1
age
170132
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
508352
last-modified
Wed, 18 Aug 2021 10:06:33 GMT
server
nginx
etag
"9d4b079d8426b36c9a279c5d0fdf5ec7"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
had8ww-UrQN851HHckSC3X4GJ1XtiBvVkuYWprbV7I5UpwwtQ7qIOg==
expires
Wed, 06 Dec 2023 00:37:16 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
270fd5ef990d8cdcc91e68e2ddb14b00d9403ea70a146d60622c246161374c0b

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:48 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 23 Nov 2023 23:52:48 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
w_480_00002.ts
video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/ 		454 KB
455 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
2dcf6590a49e6d2fc6ff060c1192937e40b56b81591fe48eb8baf78800b16d2d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 20:45:19 GMT
via
1.1 d252968c504ffe8fc53a565195348068.cloudfront.net (CloudFront), 1.1 ad0709bedfde2db64fca0e2b4d741932.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, LAX50-P1
age
11249
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
464736
last-modified
Wed, 18 Aug 2021 10:06:33 GMT
server
nginx
etag
"66e39636a1a2b453ef911e28b43d5382"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
gF647tbxT1eATIAZP7iNVkPEHDfx4kRInyzgpvLtmbv3jtoKVOBDMA==
expires
Thu, 07 Dec 2023 20:45:19 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2822 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.149.36 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-149-36.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Nov 2023 23:52:48 GMT
ETag
"623de86a-cf34"
Expires
Fri, 24 Nov 2023 23:52:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
sync
eb2.3lift.com/ Frame 5D79 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
b063c5ca505fa3b9c7ce150c672ad8b750914ee5f3f9886057324ca8c368c6b3

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:48 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
freestar-d.openx.net/w/1.0/ Frame 66B5 		761 B
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/pd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2b886f05bfca2b066fb718afcc815ec322d7df55c18dcbcac57cfe2f1c9a10bb

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
442
content-type
text/html
date
Thu, 23 Nov 2023 23:52:48 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13388523
  • https://ce.lijit.com/beacon?informer=13388523
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13388523
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6bc56823812bdc9e3273e44103fb1da56c554204decc8b182f877daeac6788be

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1101
Content-Type
text/html
Date
Thu, 23 Nov 2023 23:52:49 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2sfo1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13388523
pbcas
ads.yieldmo.com/ Frame 0DF3 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.0.243.35 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-243-35.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
90dc1dd41adb18dfda3418fbe783597c70aa93bfc41ac100f8ba5c3bccf9bf3e

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 23 Nov 2023 23:52:48 GMT
pragma
no-cache
vary
accept-encoding
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID&gpp=&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=dd89a05fcd
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=dd89a05fcd
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
54.254.195.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-195-29.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:49 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Thu, 23 Nov 2023 23:51:59 GMT
via
1.1 1c8c09a2d2295d49b2248ce893dbb6c6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
age
50
x-cache
Hit from cloudfront
location
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=dd89a05fcd
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
uep_ZO9VVxXd-41fkaCnNGN67o3seyL5fjHJxCgRSMsdCF2y6PhNbA==
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 23:52:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
54.254.195.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-195-29.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:48 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 23:52:48 GMT
server
Kestrel
content-length
323
cookiesyncredir
bttrack.com/pixel/ 		35 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DFGhqNjC2WnFmmvNpTL32LMME%26source_user_id%3D%7Bglobalid%7D%26gdpr%3D0%26gdpr_consent%3D&gpp=&gpp_sid=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.38.119.44 , United States, ASN19151 (BBO-1, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-servername
track007-sjc
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:04 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
async_usersync
ib.adnxs.com/ Frame 2822 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
an-x-request-uuid
52e28212-84f7-4589-af24-2618fe0f71fb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LPBUMEW9-N-2Z93
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LPBUMEW9-N-2Z93
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LPBUMEW9-N-2Z93
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
liveView.php
live.primis.tech/live/ 		0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTpjMDp4MmU2NvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE0NTY0JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPXq3ql50qXJ0oGVxnWFlrS5wo20zp3VvSWQ9q3q3LaR1paRfZWRcYXJ5LzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaVmZXJJpEFxZHI9NwYhMwAmLwEkMv4kNwMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTE5LwAhNwA0NS4kNTxyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY1NWZyNWNxODZvNmxzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTpjMDp4MmU2ODtmOSZ1nWQ9U2VenW5xo1NQoGF5ZXI2NTVzZTVwZTImMDI4JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql50qXJ0oGVxnWFlrS5wo20yMxYzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1cnXEzpHucZD04ZTuuMWY2YmJxYmU3OGQlOTUmNmE4OTp2NTBxOTY5ZA==
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
dvRtQ6GObd_Wd92IB81GdMO9KEpFd2H0N7KE6JmGgMKISaBAVX7CwQ==
xuid
eb2.3lift.com/ Frame 5D79
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=26f23103-179c-4aa3-bd2c-21572cdcc184&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=26f23103-179c-4aa3-bd2c-21572cdcc184&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 23:52:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=26f23103-179c-4aa3-bd2c-21572cdcc184&dongle=0cfd&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 23:52:48 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 5D79
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQzMjIzMzQ5NDkyNjg0MzMzNTgyNg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5D79
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKKFgAjLRat0-NwxqLkBHpw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKKFgAjLRat0-NwxqLkBHpw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 23:52:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKKFgAjLRat0-NwxqLkBHpw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5D79
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQzMjIzMzQ5NDkyNjg0MzMzNTgyNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQzMjIzMzQ5NDkyNjg0MzMzNTgyNg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDQzMjIzMzQ5NDkyNjg0MzMzNTgyNg%3D%3D
date
Thu, 23 Nov 2023 23:52:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 5D79 		0
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4432233494926843335826&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:48 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C94409BE73D24CDF8FFB395D3B225BA3 Ref B: SYD03EDGE1020 Ref C: 2023-11-23T23:52:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYK2oh35j87Tcc8xrUIHQ==
xuid
eb2.3lift.com/ Frame 5D79
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4432233494926843335826?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-6Cp5MTRE2oR7UEQBMmQPAYvLlzHgkRkmUU31sGp91A--~A&dongle=0883
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-6Cp5MTRE2oR7UEQBMmQPAYvLlzHgkRkmUU31sGp91A--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 23:52:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 23 Nov 2023 23:52:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-6Cp5MTRE2oR7UEQBMmQPAYvLlzHgkRkmUU31sGp91A--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame 5D79
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4432233494926843335826&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8162966499268527634&ssp=triplelift
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=8162966499268527634&ssp=triplelift
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 23:52:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=8162966499268527634&ssp=triplelift
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame 5D79 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
483607
expires
Thu, 23 Nov 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5D79
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4572801297682017392&dongle=4d58&gdpr=0&gdpr_consent=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4572801297682017392&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 23:52:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
an-x-request-uuid
68924a20-c833-4f9a-aa35-2ae0027f07e3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=4572801297682017392&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 5D79 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4432233494926843335826
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
an-x-request-uuid
a3de4d75-7ec9-47cc-9994-2c54666d98a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 0DF3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEOTNAdQD_fXprPjrGmHstjs&google_cver=1
43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEOTNAdQD_fXprPjrGmHstjs&google_cver=1
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
3.0.243.35 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-243-35.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEOTNAdQD_fXprPjrGmHstjs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 0DF3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4905060574
  • https://sync.1rx.io/usersync/tradedesk/26f23103-179c-4aa3-bd2c-21572cdcc184
  • https://sync.targeting.unrulymedia.com/csync/RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-38d097bd-d4ec-4a21-af4c-64c777d980...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
3.0.243.35 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-243-35.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
date
Thu, 23 Nov 2023 23:52:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX38d097bdd4ec4a21af4c64c777d98054004
content-type
text/html
sync
ads.yieldmo.com/v000/ Frame 0DF3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3F3zVVV880Vliqozf89s
  • https://ads.yieldmo.com/v000/sync?tdid=26f23103-179c-4aa3-bd2c-21572cdcc184
43 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=26f23103-179c-4aa3-bd2c-21572cdcc184
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
3.0.243.35 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-243-35.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?tdid=26f23103-179c-4aa3-bd2c-21572cdcc184
date
Thu, 23 Nov 2023 23:52:48 GMT
server
Kestrel
content-length
181
pixel
cm.g.doubleclick.net/ Frame 0DF3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0YzelZWVjg4MFZsaXFvemY4OXM=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync-pm.ads.yieldmo.com/ Frame 0DF3
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D0A657C5F-D245-45A8-9BC1-CB8389B02520%26gdpr%3D-1%26gdpr_consent%3D
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=-1&gdpr_consent=
43 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=-1&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
3.1.170.125 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-170-125.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=-1&gdpr_consent=
date
Thu, 23 Nov 2023 23:52:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/ Frame 66B5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZV-lzwAB4Qvx7QBd
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZV-lzwAB4Qvx7QBd
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-bfi-krnt7300056-BFI
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700783569.956902,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZV-lzwAB4Qvx7QBd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame 66B5 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
jp-u.openx.net/w/1.0/ Frame 66B5
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57UNqn00SBDAK0071rTO
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57UNqn00SBDAK0071rTO
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=57UNqn00SBDAK0071rTO
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame 66B5 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=cbf085e5-641a-8d10-c029-6b13cac16c93
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.135.209 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-135-209.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:48 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 66B5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=VvsKSL_3W_1J1MHeEqGRKkLLcKM
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Date
Thu, 23 Nov 2023 23:52:49 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
39857ea1-ea63-e515-fbf6-cfb2a60a1e24
pr-bh.ybp.yahoo.com/sync/openx/ Frame 66B5 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/39857ea1-ea63-e515-fbf6-cfb2a60a1e24?gdpr=0
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.188.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-188-244.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame 66B5 		0
0
dds
rtb.openx.net/sync/ Frame 66B5
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=chSS2dNJznIsVZXwikTp1w==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 66B5 		0
0
sd
us-u.openx.net/w/1.0/ Frame 66B5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3845728713393831377&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3845728713393831377&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://freestar-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3845728713393831377&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
w_480_00003.ts
video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/ 		414 KB
415 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
d90b6133411f8e29e1acfdab52638d28fa255516968df6f42a66cebfdd337ea2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 00:37:16 GMT
via
1.1 876e92db01d9014c2ee242623ecd97ee.cloudfront.net (CloudFront), 1.1 ad0709bedfde2db64fca0e2b4d741932.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, LAX50-P1
age
170133
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
423564
last-modified
Wed, 18 Aug 2021 10:06:33 GMT
server
nginx
etag
"e1f2e041b7bcf20aae97aef0b219bdb1"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
0F7AjkcE1p5cVE9Wa8JGd2pGlWmzug-KOwMpjgPh7AfhyxBNWl3ipA==
expires
Wed, 06 Dec 2023 00:37:16 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6A48 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139076
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 23:52:49 GMT
expires
Sat, 25 Nov 2023 14:30:45 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 76F2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
e7191c5f19d5665d24fc63c847b5c67ba5dca351d76f66a60547694dae2da247

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1218
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:49 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
SPug
simage4.pubmatic.com/AdServer/ Frame 2C70 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159196&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 6A48 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54695054&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
aaa22a42f6b6eb66ff26f8880a7187df2a6452fb37039c0a2f8d7fbceae8275d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 23 Nov 2023 23:52:47 GMT
content-length
1064
content-type
text/html; charset=UTF-8
setuid
ib.adnxs.com/prebid/ Frame 76F2 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4432233494926843335826
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
an-x-request-uuid
c9612d33-b13a-495a-b901-e924af645108
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 76F2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&dongle=4430
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 23:52:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163&dongle=4430
Date
Thu, 23 Nov 2023 23:52:49 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 76F2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=7b764684-b67a-4f5c-9051-193487fa428c&dongle=d54f&gdpr=0&gdpr_consent=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=7b764684-b67a-4f5c-9051-193487fa428c&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 23:52:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=7b764684-b67a-4f5c-9051-193487fa428c&dongle=d54f&gdpr=0&gdpr_consent=
Date
Thu, 23 Nov 2023 23:52:49 GMT
Connection
keep-alive
X-CI-RTID
74bdc5b3-9115-4e9b-89ae-99ec4d0b9202
Content-Length
149
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame 76F2 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.54.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-54-135.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 23:52:49 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame 76F2 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.54.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-54-135.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 23:52:49 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 76F2 		42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4432233494926843335826&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
last-modified
Wed, 30 Aug 2023 15:12:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A40A239E1DFC454388575FE5E2732F2F Ref B: SYD03EDGE1115 Ref C: 2023-11-23T23:52:49Z
etag
"4b119d5f54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 76F2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AALSuk7Kv8wAABNtGnu10g&dongle=bzwx&gdpr=0
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AALSuk7Kv8wAABNtGnu10g&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 23:52:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AALSuk7Kv8wAABNtGnu10g&dongle=bzwx&gdpr=0
Date
Thu, 23 Nov 2023 23:52:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 76F2
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=5278ed04e7ab1ff2&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAALWW9tLGsnfwMMO0CzAAAAAAA&expiration=1700869969&is_secure=true&gdpr_consent=&gdpr=0
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAALWW9tLGsnfwMMO0CzAAAAAAA&expiration=1700869969&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 23:52:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAALWW9tLGsnfwMMO0CzAAAAAAA&expiration=1700869969&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame 76F2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=83&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&partner_url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3646%26xuid%3D3b7e...
  • https://eb2.3lift.com/xuid?mid=3646&xuid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 23 Nov 2023 23:52:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://eb2.3lift.com/xuid?mid=3646&xuid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&dongle=1fa5&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 76F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4432233494926843335826
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
setuid
s2s.t13.io/ Frame 76F2 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=4432233494926843335826
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 563F 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31312D32345F30317D7B7331373235363937307D7B4337377D7B53643364334C6E5231636E52735A57527059584A354C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=66.203.112.163&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F119.0.6045.159+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1564%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=20&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1700783565&csuuid=655fe5cd86b79&debugInfo=17256970_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17256970&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed3306uhxzrtjs&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fwww.turtlediary.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fwww.turtlediary.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f10.1e100.net
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Thu, 23 Nov 2023 23:52:49 GMT
w_480_00004.ts
video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/ 		443 KB
444 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
f48aee2c68ae5fc7d918ea5c7948b86d09a9de3d6fe70c6926839233e1879db0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 20:45:19 GMT
via
1.1 d252968c504ffe8fc53a565195348068.cloudfront.net (CloudFront), 1.1 ad0709bedfde2db64fca0e2b4d741932.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, LAX50-P1
age
11250
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
453268
last-modified
Wed, 18 Aug 2021 10:06:33 GMT
server
nginx
etag
"698d5099a5a74818d9c0d08e4d1a7775"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
KPuY4qxJJMCY97EfVJkQ3CNwW_gF5gYkJJJlOwX9fcT7nJ6n6vy-uw==
expires
Thu, 07 Dec 2023 20:45:19 GMT
match
c1.adform.net/serving/cookie/ Frame 99BB 		35 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 23 Nov 2023 23:52:49 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5FC6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OkHa2n9z1R6jv35&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OkHa2n9z1R6jv35&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 21:39:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Nov 2023 23:52:49 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OkHa2n9z1R6jv35&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0ad8138d56a9ec354@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 0C89
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054394973408202
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054394973408202
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Nov 2023 22:18:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 23 Nov 2023 23:52:50 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054394973408202
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
merge
ce.lijit.com/ Frame F543
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=3113068329
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-aa0bQopE2oVqEGh3ta1Hej7cnaX2kjA_1IDj~A
  • https://sync.1rx.io/usersync/verizon/y-aa0bQopE2oVqEGh3ta1Hej7cnaX2kjA_1IDj~A
  • https://sync.targeting.unrulymedia.com/csync/RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
  • https://ce.lijit.com/merge?pid=97&3pid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 23:52:50 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2sfo1

Redirect headers

content-type
text/html
date
Thu, 23 Nov 2023 23:52:49 GMT
etag
RX38d097bdd4ec4a21af4c64c777d98054004
location
https://ce.lijit.com/merge?pid=97&3pid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
sync
sync-pm.ads.yieldmo.com/ Frame FE95
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:ADA818C615014749BAEDB02F63B36160&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D0A657C5F-D245-45A8-9BC1-CB8389B02520%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent=
43 B
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.170.125 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-170-125.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif;charset=utf-8
date
Thu, 23 Nov 2023 23:52:49 GMT
pragma
no-cache

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 23 Nov 2023 23:52:49 GMT
location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0A657C5F-D245-45A8-9BC1-CB8389B02520&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
setuid
s2s.t13.io/ Frame C4E7 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 23 Nov 2023 23:52:49 GMT
expires
0
pragma
no-cache
via
1.1 google
458249.gif
idsync.rlcdn.com/ Frame 6A48
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=0A657C5F-D245-45A8-9BC1-CB8389B02520
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDBBNjU3QzVGLUQyNDUtNDVBOC05QkMxLUNCODM4OUIwMjUyMBAAGg0I0cv_qgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d6c7d6dd8392dd745264e49867dca9a36d02a0e81f8514253eb7bdb62e9cf8bc791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkNmM3ZDZkZDgzOTJkZDc0NTI2NGU0OTg2N2RjYTlhMzZkMDJhMGU4MWY4NTE0MjUzZWI3YmRiNjJlOWNmOGJjNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkNmM3ZDZkZDgzOTJkZDc0NTI2NGU0OTg2N2RjYTlhMzZkMDJhMGU4MWY4NTE0MjUzZWI3YmRiNjJlOWNmOGJjNzkxNDI2YjU0MTdkY2UyMRAAGgwI0cv_qgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=9aaee305-ea32-4b02-858e-807882080c4d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=9aaee305-ea32-4b02-858e-807882080c4d
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 23 Nov 2023 23:52:50 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=9aaee305-ea32-4b02-858e-807882080c4d
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
43 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 23:52:49 GMT
server
Kestrel
content-length
223
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LPBUMEW9-N-2Z93&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LPBUMEW9-N-2Z93&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LPBUMEW9-N-2Z93&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=4572801297682017392&gdpr=0&gdpr_consent=
43 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=4572801297682017392&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
an-x-request-uuid
1c276be1-1f0a-4d2b-a854-a9cfdc7581cd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=4572801297682017392&gdpr=0&gdpr_consent=
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=655FE5D049CB44C07671CAA8BLIS&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=94&3pid=655FE5D049CB44C07671CAA8BLIS&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=94&3pid=655FE5D049CB44C07671CAA8BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=94&3pid=655FE5D049CB44C07671CAA8BLIS&gdpr=0&gdpr_consent=
Content-length
0
pixel
cm.g.doubleclick.net/ Frame D06E
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHRQWUNCWkhLNDU1ZGNNOFJnUzYwU0t6&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHRQWUNCWkhLNDU1ZGNNOFJnUzYwU0t6&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 23 Nov 2023 23:52:49 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHRQWUNCWkhLNDU1ZGNNOFJnUzYwU0t6&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1700783569303&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=ADA818C615014749BAEDB02F63B36160
43 B
950 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=ADA818C615014749BAEDB02F63B36160
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 23 Nov 2023 23:52:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=ADA818C615014749BAEDB02F63B36160
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 22 Nov 2023 23:52:49 GMT
dot.gif
s0.2mdn.net/ Frame D06E
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SHRQWUNCWkhLNDU1ZGNNOFJnUzYwU0t6&gdpr=0
  • https://s0.2mdn.net/dot.gif?gdpr=0
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
H2
Server
142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f6.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:16:57 GMT
x-content-type-options
nosniff
age
2153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Nov 2023 23:16:57 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame D06E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dfmx%26bsw_param%3D3cc72092-cbe6-47a1-a4f7-0360898fc560
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dfmx%26bsw_param%3D3cc72092-cbe6-47a1-a4f7-03608...
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=aS0SQE7z1R6jv35&expires=30&ssp=fmx&bsw_param=3cc72092-cbe6-47a1-a4f7-0360898fc560
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=79&user_id=aS0SQE7z1R6jv35&expires=30&ssp=fmx&bsw_param=3cc72092-cbe6-47a1-a4f7-0360898fc560
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 23:52:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-02709237e5f898394@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://x.bidswitch.net/sync?dsp_id=79&user_id=aS0SQE7z1R6jv35&expires=30&ssp=fmx&bsw_param=3cc72092-cbe6-47a1-a4f7-0360898fc560
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=6216170040
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-aa0bQopE2oVqEGh3ta1Hej7cnaX2kjA_1IDj~A
  • https://sync.1rx.io/usersync/verizon/y-aa0bQopE2oVqEGh3ta1Hej7cnaX2kjA_1IDj~A
  • https://sync.targeting.unrulymedia.com/csync/RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
  • https://ce.lijit.com/merge?pid=97&3pid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
date
Thu, 23 Nov 2023 23:52:50 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX38d097bdd4ec4a21af4c64c777d98054004
content-type
text/html
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU1d80bda0d2304619906361725033a9c6&gdpr=0&gdpr_consent=&pid=102
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPU1d80bda0d2304619906361725033a9c6&gdpr=0&gdpr_consent=&pid=102
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU1d80bda0d2304619906361725033a9c6&gdpr=0&gdpr_consent=&pid=102
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=734eaab9-5b63-4bd3-b8a5-e9a06bc8b07b
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=734eaab9-5b63-4bd3-b8a5-e9a06bc8b07b
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:51 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=734eaab9-5b63-4bd3-b8a5-e9a06bc8b07b
Date
Thu, 23 Nov 2023 23:52:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D3b7e98...
  • https://ce.lijit.com/merge?pid=16&3pid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?3pid=AAP3Yk7Kv8wAABQKlSZKBA&pid=85&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=AAP3Yk7Kv8wAABQKlSZKBA&pid=85&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?3pid=AAP3Yk7Kv8wAABQKlSZKBA&pid=85&gdpr=0
Date
Thu, 23 Nov 2023 23:52:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=yiiqhoNVUZq6&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=yiiqhoNVUZq6&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-AU
location
https://ce.lijit.com/merge?pid=49&3pid=yiiqhoNVUZq6&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-86dfd78c98-7hlg4
expires
-1
usersync
sync.springserve.com/ Frame D06E
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://sync.springserve.com/usersync?aid=1917&uuid=cd6484de-d7fb-4a4e-93e2-1a8fbf64cfc4
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1917&uuid=cd6484de-d7fb-4a4e-93e2-1a8fbf64cfc4
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
H2
Server
13.228.253.17 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-253-17.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 23:52:50 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.springserve.com/usersync?aid=1917&uuid=cd6484de-d7fb-4a4e-93e2-1a8fbf64cfc4
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=gTyfWo91to-gjHH_iK7qZMecdi4pHV-sk3fmoGs8F0k&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=gTyfWo91to-gjHH_iK7qZMecdi4pHV-sk3fmoGs8F0k&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=gTyfWo91to-gjHH_iK7qZMecdi4pHV-sk3fmoGs8F0k&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT, Thu, 23 Nov 2023 23:52:50 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame D06E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HtPYCBZHK455dcM8RgS60SKz&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:85944e7351e7baf3b71e9d4f972feb09
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:85944e7351e7baf3b71e9d4f972feb09
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 23 Nov 2023 23:52:50 GMT
server
Aorta/20231117.93abd8dbd
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:85944e7351e7baf3b71e9d4f972feb09
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-west-1
x-aorta-host
07f25bf05586
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=vqAC3u2gVN2lpVWPvvAa3bihVIyl9w-P66eTmrpM
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=vqAC3u2gVN2lpVWPvvAa3bihVIyl9w-P66eTmrpM
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=vqAC3u2gVN2lpVWPvvAa3bihVIyl9w-P66eTmrpM
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame D06E
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LPBUMEW9-N-2Z93&gdpr=0
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LPBUMEW9-N-2Z93&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LPBUMEW9-N-2Z93&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1da0c96602e9a1076eae4f5554c05cf3
Expires
0
cm
us-u.openx.net/w/1.0/ Frame CC14 		700 B
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5f4b67d75522e1d15d1f4b9f24ff51188b52552ee5c084e63cdc5d1ac1dc4e29

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
455
content-type
text/html
date
Thu, 23 Nov 2023 23:52:49 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1A9D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139076
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 23:52:49 GMT
expires
Sat, 25 Nov 2023 14:30:45 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8AAB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13388523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139076
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 23:52:49 GMT
expires
Sat, 25 Nov 2023 14:30:45 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
w_480_00005.ts
video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/ 		464 KB
465 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn25/video/users/hls/24485/video_5f1efd992aacd325016072/vid5f2ac7b35af4e433265914.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
a6e64277c460e86a0c076d391f18360881f695199727a63a732c8c4c78f1cb9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 00:37:17 GMT
via
1.1 6e2bc93a4843a846b5ce18c78a0ee2a8.cloudfront.net (CloudFront), 1.1 ad0709bedfde2db64fca0e2b4d741932.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-P1, LAX50-P1
age
170132
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
475452
last-modified
Wed, 18 Aug 2021 10:06:33 GMT
server
nginx
etag
"40d7c7c398a62db0e037bbbc68148baf"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
IF14n7DNe7i6gw5CEeqnpmZcaXYfKO0J_AxaTsxBUSrv1pCqsn9MFw==
expires
Wed, 06 Dec 2023 00:37:17 GMT
merge
ce.lijit.com/ Frame CC14 		43 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=c1acc625-907b-4d51-8d9d-6fe121ecec3f&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CC14
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=c5dbc61d2c1fd1&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALTbYYFojr7QMk6OHPAAAAAAA&expiration=1700869970&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALTbYYFojr7QMk6OHPAAAAAAA&expiration=1700869970&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALTbYYFojr7QMk6OHPAAAAAAA&expiration=1700869970&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame CC14 		0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=83869b6c-a2a5-4d15-9906-184dcefe2704
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.143.106.89 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame CC14
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=ADA818C615014749BAEDB02F63B36160
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=ADA818C615014749BAEDB02F63B36160
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 23 Nov 2023 23:52:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=ADA818C615014749BAEDB02F63B36160
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 22 Nov 2023 23:52:49 GMT
redirect
match.rundsp.com/ Frame CC14 		0
0
19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame CC14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame CC14
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=REtXCVuJ1R6jv35
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=REtXCVuJ1R6jv35
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:49 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-02709237e5f898394@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=REtXCVuJ1R6jv35
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
270fd5ef990d8cdcc91e68e2ddb14b00d9403ea70a146d60622c246161374c0b

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:52:49 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.turtlediary.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.turtlediary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.turtlediary.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 23 Nov 2023 23:52:49 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
async_usersync
ib.adnxs.com/ Frame 2822 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:49 GMT
an-x-request-uuid
213a0d06-4fe1-4e2b-92df-70870624e4d3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2C70 		47 B
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57402957&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 23 Nov 2023 23:52:48 GMT
content-length
47
content-type
text/html; charset=UTF-8
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame F296 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f10.1e100.net
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
52507
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 09:17:43 GMT
expires
Fri, 22 Nov 2024 09:17:43 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 563F 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Nov 2023 23:52:50 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9D80 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 24 Nov 2023 00:18:54 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=4572801297682017392
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=4572801297682017392
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
an-x-request-uuid
b6b2133b-5949-441c-860a-3b34198774e1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=4572801297682017392
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A648
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=0A657C5F-D245-45A8-9BC1-CB8389B02520
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=0A657C5F-D245-45A8-9BC1-CB8389B02520
43 B
880 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 23 Nov 2023 23:52:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
x-amz-cf-id
1Z8huev2TUUIv17SNPyOPfVvkuTXCDvY4gSgtSCgG6t0-8bfhDNFQQ==
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:52:49 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=0A657C5F-D245-45A8-9BC1-CB8389B02520
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
x-amz-cf-id
XoVvpzKZgZE2Jvq-w44sRobG6UJIop6kGGug6dQG-RxrU_pXrVQA2w==
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
ads
securepubads.g.doubleclick.net/gampad/ Frame F296 		156 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2C22604498342%2C5358318%2Ffreestario&description_url=https%3A%2F%2Fwww.turtlediary.com%2F&env=vp&correlator=3405969815332330&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C213x120&unviewed_position_start=1&ad_rule=0&cust_params=prmsig%3Djqsizf&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=422393875&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=C93CA6D6-F8FE-43F8-B632-3C6FA15FF070&a3p=EhsKDGlkNS1zeW5jLmNvbRiI2-b0vzFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJANTczYzVkODgxY2RhYjNkM2JjMDA0MDIyMTdjNDE2ZDUzOTM4NjU1YjliZmI0YjhkYTZmNWQwMzQ1NjI4ZWVkYxie1Ob0vzFIABIZCgpwdWJjaWQub3JnGLHU5vS_MUgAUgIIahIXCghydGJob3VzZRjr0-b0vzFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pWm5VMGJuWk9Ua2xUUzNWUk9YaEhkbEJZY21kclFUMDlJbjA9GLXU5vS_MUgA&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806632%2C44807615&ref=https%3A%2F%2Fwww.turtlediary.com%2F&url=https%3A%2F%2Fwww.turtlediary.com%2F&dt=1700783570143&cookie=ID%3De347db05c2ac62f4%3AT%3D1700783565%3ART%3D1700783565%3AS%3DALNI_Ma-_ba_RBniICdMN8quouTnphtmsw&gpic=UID%3D00000c9604f894fc%3AT%3D1700783565%3ART%3D1700783565%3AS%3DALNI_MY5ERMDBpNW1GcFVla3NrQypbOWOg&scor=210209350304555&ged=ve4_td4_er965.-1810.1118.-1510_vi0.0.1200.1600_vp0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
id5-sync.com/api/config/ Frame 563F 		135 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 563F 		0
0
rid
match.adsrvr.org/track/ Frame 563F 		108 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
6cf80ea76640643986fec098dc70af1bc9f13fdcd95c62ae7af4176b67ef6741

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.turtlediary.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 23 Dec 2023 23:52:50 GMT
usync.html
eus.rubiconproject.com/ Frame BBB2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.68.31.231 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-68-31-231.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 23:52:50 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E9EE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
330
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82ad5401cb4e6a5a-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 23:52:50 GMT
expires
Fri, 24 Nov 2023 03:52:50 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C544 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139075
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 23:52:50 GMT
expires
Sat, 25 Nov 2023 14:30:45 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
v1
match.sharethrough.com/sync/ Frame 563F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
54.254.195.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-195-29.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=
date
Thu, 23 Nov 2023 23:52:50 GMT
server
Kestrel
content-length
323
712068.gif
idsync.rlcdn.com/ Frame 563F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/712068.gif?partner_uid=93b9f0fb-9ff4-4e23-914c-3da2902f1b41&gpp=&gpp_sid=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
v1
match.sharethrough.com/sync/ Frame 563F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBUMEW9-N-2Z93&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBUMEW9-N-2Z93&gdpr=0
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
54.254.195.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-195-29.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBUMEW9-N-2Z93&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame 563F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.165 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/58280/ Frame 563F 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58280/sync?uid=93b9f0fb-9ff4-4e23-914c-3da2902f1b41&_origin=1&gpp=&gpp_sid=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.143.106.89 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame BBB2 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.68.31.231 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-68-31-231.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
325fb385497b9473d4befc72824051ade03471ba7c825e193e44fd08934b8c87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 23:52:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Nov 2023 18:15:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66159
Connection
keep-alive
Content-Length
13230
Expires
Fri, 24 Nov 2023 18:15:29 GMT
khaos.json
token.rubiconproject.com/ Frame BBB2 		7 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
usermatch
ssum-sec.casalemedia.com/ Frame E3FB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c39f91bd8d4a940557da362023f87d9dd6f16a95a1dd239666bf706a180d4b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82ad5401fef9ab05-SYD
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 23:52:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YP2Wz%2B0ftqlWSRilfLnaQdoVQG8Es7G72Fsp9EdDicylno1JVzl9gM8Rwazi1n9jCpWLY1sUrb66pTPo%2FBSha5ZqLi%2Bs6RYw6PCxO6RMBswXaYNcwxRyARuTsCOtwJqlseop%2B%2BH9AOAUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 23:52:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
31327
i6.liadm.com/s/ Frame E3FB
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=808fcfab1db14105aa777fe76022241b
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705&gpp_sid=&us_privacy=&gpdr=
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705&gpp_sid=&us_privacy=&gpdr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
3.227.26.135 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 23:52:52 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705&gpp_sid=&us_privacy=&gpdr=
Date
Thu, 23 Nov 2023 23:52:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame E3FB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4572801297682017392
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4572801297682017392
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln0eB6ESUASwefD0K1SZmRQ61E%2FKGZctoymiqEghFixABkr8gouwBqJukEFpQfz81OIX6cowNj9eX01bT6QDjftfZgUYrutWDRB1eUqFyOzeNjZi59mU08ShVI5tD9ND%2FPLCkDqRM%2Fquzg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ad540358c1ab05-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
an-x-request-uuid
36f62a70-b826-43ac-97c9-e4521786efd5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4572801297682017392
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E3FB 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.188.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-188-244.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame E3FB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAP3Yk7Kv8wAABQKlSZKBA&expiration=1701993170
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAP3Yk7Kv8wAABQKlSZKBA&expiration=1701993170
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRWuACAk1cWhLmLrQpuWs9Wix%2BEY5eDXxuYHuGnHpBM6pd%2FOJHL211HJK%2BfMkqu2MR6f6E4seB1ORoLHryNBDLwBYcgOo60BkMklQr2pGToV43JcUuJCqs1DUw9tuEDB1lMH5gwv5bAf9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ad5403a95aab05-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAP3Yk7Kv8wAABQKlSZKBA&expiration=1701993170
Date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame E3FB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=S5hfSRiYCUpQnQgYS8hHSk2ZCRtQz1IYHp-_x3_V
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=S5hfSRiYCUpQnQgYS8hHSk2ZCRtQz1IYHp-_x3_V
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvE45KC4vEQTgapcEgiNkJBmFJdy6XOE9EfbK033WYOdHlDH%2BgPiDMMtiYRg7I%2FKsubBklqfIYHDE%2FAfpDCZwyFv7FCTvp%2F9slXg3TihP5g4tRgxVHVICV2dMr1q%2FynvIZ4X93PPeeA5aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ad540378ecab05-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=S5hfSRiYCUpQnQgYS8hHSk2ZCRtQz1IYHp-_x3_V
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E3FB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VvsKSL_3W_1J1MHeEqGRKkLLcKM
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWXSNM8jlwRDoj2bAfRuDWmBterTSeualwrb51Hyi6slmZBnbD3NAYPwmeXaXbf1%2FIZEkFQeeCzcRlQmTyilfRVcIWcjTflIAqZhjYBfXDGhARKmUIKxyqVVOF6Jscj%2FNRDnb1M73YQv%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ad5403f9e2ab05-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Date
Thu, 23 Nov 2023 23:52:50 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
demconf.jpg
dpm.demdex.net/ Frame E3FB
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
3.105.199.38 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-199-38.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-08f70740f.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
+j2jooOFSEM=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-apse2-1-v054-0bb2dc5b9.edge-apse2.demdex.com 0 ms
pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
WaKuLESXQmE=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZV-lzhynmEB9jLIUcQ17wgAA%264705
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
u
1f2e7.v.fwmrm.net/ad/ Frame E3FB
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=194134d25b8e7f49e6297c71ab29890&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame E3FB 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZV-lzhynmEB9jLIUcQ17wgAA%264705
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
23677
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
82ad5402cc6a6a5a-SYD
content-length
43
expires
Fri, 24 Nov 2023 23:52:50 GMT
pixel
cm.g.doubleclick.net/ Frame BBB2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBCVU1FVzktTi0yWjkz
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELFgyQ9bG0wnVbp2ZV4CbG0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCVU1FVzktTi0yWjkz&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCVU1FVzktTi0yWjkz&google_push=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBCVU1FVzktTi0yWjkz&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
setuid
px.ads.linkedin.com/ Frame BBB2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPBUMEW9-N-2Z93
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPBUMEW9-N-2Z93
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4D9CB658E12B4D73A3E09BB951534803 Ref B: SYD03EDGE1020 Ref C: 2023-11-23T23:52:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYK2oiSqW5YXQejB9m0Cw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPBUMEW9-N-2Z93
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BBB2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECkg4HBpnxPtU35BjMVB0AA&google_cver=1
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECkg4HBpnxPtU35BjMVB0AA&google_cver=1
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECkg4HBpnxPtU35BjMVB0AA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame BBB2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NOH3katHnbsx__KvaoOTgA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NjBGbQxE2oIoxjToY_HX2TTxW_8LQtcHNSTpgA--~A
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NjBGbQxE2oIoxjToY_HX2TTxW_8LQtcHNSTpgA--~A
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NjBGbQxE2oIoxjToY_HX2TTxW_8LQtcHNSTpgA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame BBB2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M6Xqy3_vRzGA8pJWTWEA0w&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M6Xqy3_vRzGA8pJWTWEA0w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M6Xqy3_vRzGA8pJWTWEA0w
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DGSVA2BPQDXMS2B2MPPV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M6Xqy3_vRzGA8pJWTWEA0w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BBB2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=&expires=30
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=26f23103-179c-4aa3-bd2c-21572cdcc184&gdpr=0&gdpr_consent=&expires=30
date
Thu, 23 Nov 2023 23:52:50 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame BBB2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LPBUMEW9-N-2Z93&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPBUMEW9-N-2Z93&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8YBT3B5VXVJ8VZB7K3QZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPBUMEW9-N-2Z93&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame BBB2 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AT4ZE7SXVW39VFCBWA95
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BBB2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGU1Nzc0OWY3OTUyODdjZTQ4OWVmNDQzOGIyNTliZGQxOTJmMzA0NQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGU1Nzc0OWY3OTUyODdjZTQ4OWVmNDQzOGIyNTliZGQxOTJmMzA0NQ
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGU1Nzc0OWY3OTUyODdjZTQ4OWVmNDQzOGIyNTliZGQxOTJmMzA0NQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BBB2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAP3Yk7Kv8wAABQKlSZKBA&expires=30
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAP3Yk7Kv8wAABQKlSZKBA&expires=30
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAP3Yk7Kv8wAABQKlSZKBA&expires=30
Date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
capi.connatix.com/us/ Frame BBB2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LPBUMEW9-N-2Z93&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LPBUMEW9-N-2Z93&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LPBUMEW9-N-2Z93&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82ad54061a5e5c0c-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 23 Nov 2023 23:52:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LPBUMEW9-N-2Z93&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82ad5404b8be5c0c-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
cksync
hb.yahoo.net/ Frame BBB2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPBUMEW9-N-2Z93&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPBUMEW9-N-2Z93&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1PRWFxNXRKRTJ1RkVXbExYLlZLZzl4Slozd2dQazVvU35B&ovsid=LPBUMEW9-N-2Z93&dpid=58160
53 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1PRWFxNXRKRTJ1RkVXbExYLlZLZzl4Slozd2dQazVvU35B&ovsid=LPBUMEW9-N-2Z93&dpid=58160
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
23.206.242.194 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 23 Nov 2023 23:52:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 23 Nov 2023 23:52:51 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1PRWFxNXRKRTJ1RkVXbExYLlZLZzl4Slozd2dQazVvU35B&ovsid=LPBUMEW9-N-2Z93&dpid=58160
date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame BBB2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LPBUMEW9-N-2Z93
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LPBUMEW9-N-2Z93
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 23:52:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LPBUMEW9-N-2Z93
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
v1
match.sharethrough.com/sync/ Frame BBB2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBUMEW9-N-2Z93
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBUMEW9-N-2Z93
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
54.254.195.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-195-29.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:50 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPBUMEW9-N-2Z93
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame BBB2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPBUMEW9-N-2Z93
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPBUMEW9-N-2Z93
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPBUMEW9-N-2Z93
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
ib.adnxs.com/prebid/ Frame BBB2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPBUMEW9-N-2Z93
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPBUMEW9-N-2Z93
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H2
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:51 GMT
an-x-request-uuid
32c8971f-ac1b-4b1e-9492-c4294866b20a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPBUMEW9-N-2Z93
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
prbds2s
rtb.gumgum.com/usync/ Frame 86A1 		0
100 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.236.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-236-6.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.turtlediary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Thu, 23 Nov 2023 23:52:50 GMT
etag
"0d41d8cd98f00b204e9800998ecf8427e"
server
nginx
timing-allow-origin
*
v1
lb.eu-1-id5-sync.com/lb/ Frame 563F 		33 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
304b5b77fbef13b8774bf42a9b10debad0bfa6ba3cab51f4823f0070023d60ee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
csi
csi.gstatic.com/ Frame F296 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpbumhmj&c=7685452086611&slotId=3842726043305.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.112.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jo-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=rubicon&puid={Publisher%20UID}&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dresetdigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%...
  • https://s2s.t13.io/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=0000011E43D78C23
86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=0000011E43D78C23
Requested by
Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.turtlediary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:51 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=0000011E43D78C23
date
Thu, 23 Nov 2023 23:52:51 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
csi
csi.gstatic.com/ Frame F296 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpbumhxw&c=7685452086611&slotId=3842726043305.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806632%2C44807615
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.112.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
jo-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:52:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6A48 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:52:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
212.json
id5-sync.com/g/v2/ Frame 563F 		603 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_18.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
c2a5712fd317990914ac9af07b86d21a5a5c69a22f3d6ce3b463528806322899
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.turtlediary.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.turtlediary.com
date
Thu, 23 Nov 2023 23:52:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
setuid
s2s.t13.io/ Frame 0020 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 23 Nov 2023 23:52:52 GMT
expires
0
pragma
no-cache
via
1.1 google
merge
ce.lijit.com/ Frame 770E 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 23:52:52 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2sfo1
merge
ce.lijit.com/ Frame 36DA 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 23:52:52 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2sfo1
merge
ce.lijit.com/ Frame BFE2 		0
0
merge
ce.lijit.com/ Frame 60F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=0A657C5F-D245-45A8-9BC1-CB8389B02520
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 23:52:52 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2sfo1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s2s.t13.io
URL
https://s2s.t13.io/openrtb2/auction
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
s2s.t13.io
URL
https://s2s.t13.io/openrtb2/auction
Domain
s2s.t13.io
URL
https://s2s.t13.io/openrtb2/auction
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Domain
match.rundsp.com
URL
https://match.rundsp.com/redirect?ex=openx
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Domain
1f2e7.v.fwmrm.net
URL
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=194134d25b8e7f49e6297c71ab29890&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB&gdpr=0&gdpr_consent=
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=58&3pid=0A657C5F-D245-45A8-9BC1-CB8389B02520

Verdicts & Comments Add Verdict or Comment

329 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture function| setJSCookie function| getJSCookie function| deleteJSCookie function| ReadCookie object| userDetails string| cookie_login undefined| cookie_app string| modulePath boolean| isPaidMember object| memberDetails string| cookie_member string| gameMode string| userContentBlock string| base_url string| configProtocol string| configProtocol_no_https object| freestar string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer function| searchDis object| body string| logedInUserName string| defaultNameForNonLogUser string| loggedInUserAvatar string| defaultAvatarForUser function| $ function| jQuery number| gPositionScroll_priorScroll object| menu object| button object| dropdown object| menu2 object| button2 object| dropdown2 object| menu3 object| button3 object| dropdown3 object| menu4 object| button4 object| dropdown4 object| menu5 object| button5 object| dropdown5 object| menu6 object| button6 object| dropdown6 object| classie string| nextGame function| forFreeAndBasic string| invites function| admiral object| googletag object| _comscore object| fsprebid object| COMSCORE object| ns_p function| load_script object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| io object| gameUserData string| clientUsername function| Client object| clientConnection object| clientSocket object| obj object| blockedCountry object| allowedCountry object| blockedModulePathPopup object| blockedModulePathRelative number| upgradeMemberInterval number| cookieTimeout undefined| userCountry boolean| blockable boolean| blockableCountry number| incrContentCount object| labelOtherUs object| blockContentCount string| module function| setBlockContent function| blockContent function| applyGeoBasedBlocking function| callUpgradeMember function| daydiffJS function| closeUpgradeMember function| upgradeMember function| inArrayJS boolean| isMobile boolean| isIOS boolean| isiPad function| get_browser string| gameFramework string| currentUrl string| worksheetPng object| QueryString object| activity object| loadAfterJQuery undefined| rd function| redirectMember object| fsprebidChunk object| _pbjsGlobals object| mnet function| _extends function| _typeof function| LazyLoad function| centeredPopup function| centeredReportPopup string| imageurl function| popitup function| senddata function| mobileAndTabletcheck function| scaleKeyboard function| dotdotdot function| ucfirst function| UrlExists function| worksheetPreview function| dextopTab function| mobileTab function| menuTabView function| sideMnu function| addToFav function| userRating function| setupMapGame function| setHeightWidth function| mapGameHeightAdj function| player100p function| player_625 function| player100p_sheet function| scrollableAdsHeight function| reloadAdsIfRequire function| openLoginOverlay function| noTBtm function| fixed4Res function| lftFltrMnu function| showSeeAllCommonCore undefined| consolePass undefined| typedPass function| setTG_tab function| GetIEVersion function| getCookieTG function| resetTG_tab function| sentenceCase function| callCreateAssignList object| jQuery1113007865092120983674 function| loadAfterJQueryFunc number| getJQueryJsInterval string| currentModulePath undefined| userNameApp function| currentPdfUrl function| html2canvas object| google_tag_manager function| onYouTubeIframeAPIReady function| 4dm1r11545242527 object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing function| _hadron function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am boolean| sekindoFlowingPlayerOn object| _qevents function| pubHadronCb function| deleteIIQCookie object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| hadron boolean| __halo_loaded__ boolean| __bt_already_invoked object| pbjs function| quantserve function| __qc object| ezt object| _qoptions object| au object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement object| PrimisApiConfig function| constructsekindoParent268 number| google_unique_id object| auvars function| docReady object| autag number| google_global_correlator object| closure_lm_675081

211 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgAIQ1vHm9L8xCgoIoQEQuu_m9L8xCgoIgQIQ1vHm9L8xCgoI4gEQ1vHm9L8xCgoI5gEQuu_m9L8xCgoIhwIQuu_m9L8xCgkISRDW8eb0vzEKCgiMAhC67-b0vzEKCgisAhDW8eb0vzEKCgitAhDW8eb0vzEKCgiRAhC67-b0vzEKCgiSAhDW8eb0vzEKCgi0AhC67-b0vzEKCgiUAhDW8eb0vzEKCgi3AhC67-b0vzEKCQg6ELrv5vS_MQoJCBsQ1vHm9L8xCgoI3gEQ1vHm9L8xCgkIXxC67-b0vzEKCQgfELrv5vS_MQ==
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxDSFg
.pub.network/ Name: _fsuid
Value: 9a33f455-52b5-4c6b-9cb0-2bc29eb4cd54
.turtlediary.com/ Name: _gid
Value: GA1.2.1184689771.1700783564
.turtlediary.com/ Name: _gat
Value: 1
.scorecardresearch.com/ Name: UID
Value: 12Fb38dee2e3c4eebf1ec681700783564
.turtlediary.com/ Name: typingGameLevel
Value: Beginner
.turtlediary.com/ Name: _ga_W1C8HMBE0D
Value: GS1.1.1700783564.1.0.1700783564.0.0.0
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: BtXZLGESFI
www.turtlediary.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.turtlediary.com/ Name: cookie
Value: 62d589a0-990d-45cb-9116-6badf0e9dc12
.adsrvr.org/ Name: TDID
Value: 26f23103-179c-4aa3-bd2c-21572cdcc184
.turtlediary.com/ Name: lotame_domain_check
Value: turtlediary.com
.openx.net/ Name: i
Value: 7eee27bc-d348-48ab-90f7-11af3d7ae090|1700783565
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 95b5885bf966d67b8de586b0c0dda661
.turtlediary.com/ Name: _cc_id
Value: 95b5885bf966d67b8de586b0c0dda661
.turtlediary.com/ Name: panoramaId_expiry
Value: 1701388365254
.turtlediary.com/ Name: panoramaId
Value: 573c5d881cdab3d3bc00402217c416d53938655b9bfb4b8da6f5d0345628eedc
.turtlediary.com/ Name: panoramaIdType
Value: panoIndiv
.gumgum.com/ Name: cs
Value: true
.adnxs.com/ Name: icu
Value: ChgIodc0EAoYASABKAEwzcv_qgY4AUABSAEQzcv_qgYYAA..
.adnxs.com/ Name: uuid2
Value: 4572801297682017392
.3lift.com/ Name: tluid
Value: 4432233494926843335826
.intentiq.com/ Name: intentIQCDate
Value: 1700783565455
.intentiq.com/ Name: ASDT
Value: 0
.sharethrough.com/ Name: stx_user_id
Value: 93b9f0fb-9ff4-4e23-914c-3da2902f1b41
.openx.net/ Name: univ_id
Value: 537072971|26f23103-179c-4aa3-bd2c-21572cdcc184|1700783565538728
.ladsp.com/ Name: cr
Value: 1
.primis.tech/ Name: csuuid
Value: 655fe5cd86b79
.lijit.com/ Name: ljt_reader
Value: HtPYCBZHK455dcM8RgS60SKz
.yahoo.com/ Name: A3
Value: d=AQABBM3lX2UCEC2Jq0TD9kY68A_g5OJBr78FEgEBAQE3YWVpZdxV0iMA_eMAAA&S=AQAAAr8VJEkKuN1_PRiRsX-E9mQ
.ladsp.com/ Name: smn_uid
Value: kwUM6kTdRzbv-5MsrqQ-zQ-zDxZg-i8
.ladsp.com/ Name: lum
Value: CNTW5vS_MRIFCAMQ0AU
.turtlediary.com/ Name: _au_1d
Value: AU1D-0100-001700783566-T2QATTFP-8DA1
.turtlediary.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDA3ODM1NjYsInR0ZCI6MTcwMDc4MzU2NiwicHViIjoxNzAwNzgzNTY2LCJydWIiOjE3MDA3ODM1NjYsInRhcGFkIjoxNzAwNzgzNTY2LCJhZHgiOjE3MDA3ODM1NjYsImdvbyI6MTcwMDc4MzU2NiwiaW5kZXgiOjE3MDA3ODM1NjYsInNtYXJ0IjoxNzAwNzgzNTY2LCJzb24iOjE3MDA3ODM1NjZ9
.turtlediary.com/ Name: _awl
Value: 2.1700783565.5-daf8cd75d8632240fec8ee1b8174af70-6763652d617369612d6561737431-0
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAwNzgzNTY2fQ
.quantserve.com/ Name: mc
Value: 655fe5ce-0b76e-e04c4-b87c2
.turtlediary.com/ Name: __qca
Value: P0-773952562-1700783565642
.tapad.com/ Name: TapAd_TS
Value: 1700783566126
.tapad.com/ Name: TapAd_DID
Value: 2fd0d5b5-50bf-4118-9d4e-7d8d4331eb19
.doubleclick.net/ Name: IDE
Value: AHWqTUmF0uyRC9xsVVis4VIOIzugTLDfRV8WGA57FgHuqRj5YSMnv-qpH8OkZQwYVBI
.turtlediary.com/ Name: __gads
Value: ID=e347db05c2ac62f4:T=1700783565:RT=1700783565:S=ALNI_Ma-_ba_RBniICdMN8quouTnphtmsw
.turtlediary.com/ Name: __gpi
Value: UID=00000c9604f894fc:T=1700783565:RT=1700783565:S=ALNI_MY5ERMDBpNW1GcFVla3NrQypbOWOg
.turtlediary.com/ Name: cto_bundle
Value: e5LchF90MUltdWxEY05sYVRvd1pyRkkxY1ZDdiUyQjJkdmlVRno0UEtLV1dHZFJuMFdIdlU1JTJGTjdMalhLNzZnZlNMdzAlMkZ3RGs5JTJCZ0JLeUNFUGFIZnNRdEY1Z1dIekNLRVNhTXhoemlobDElMkJqRzlOaHhRa1Z6a2xITGpseGxqcG1obFM0dDE
.turtlediary.com/ Name: cto_bidid
Value: ewaYKl93dkU1MFhZbCUyQnZjcTV4TDlxV0psdHBwR2FYUXNSeCUyQmY5WXJ2VSUyRmlqM0I4ZW1TckFKUWpWUlFzRFdtQlJ1dU9vJTJCQU94VmEzR2J5djYwbEEwUTV0N0ZRJTNEJTNE
.turtlediary.com/ Name: _ga
Value: GA1.2.1678017089.1700783564
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0A657C5F-D245-45A8-9BC1-CB8389B02520
.rubiconproject.com/ Name: khaos
Value: LPBUMEW9-N-2Z93
.go.sonobi.com/ Name: __uis
Value: 3424a288-8de4-49d9-b442-47038e9ba8a0
.casalemedia.com/ Name: CMID
Value: ZV-lzhynmEB9jLIUcQ17wgAA
.casalemedia.com/ Name: CMPS
Value: 4705
.casalemedia.com/ Name: CMPRO
Value: 4705
.bidswitch.net/ Name: tuuid
Value: 3cc72092-cbe6-47a1-a4f7-0360898fc560
.bidswitch.net/ Name: c
Value: 1700783567
.bidswitch.net/ Name: tuuid_lu
Value: 1700783567
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.ctnsnet.com/ Name: cid_ab6bd95e6773415a94d7b2af61dd306d
Value: 1
.ctnsnet.com/ Name: cid_ff1ad6d7302d4690986ab88eaa6f6463
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-R1656BRe7-tcW-65Rw6h60Ff77pcCbS5Elm7vgzj&KRTB&19420-R1656BRe7-tcW-65Rw6h60Ff77pcCbS5Elm7vgzj&KRTB&22979-R1656BRe7-tcW-65Rw6h60Ff77pcCbS5Elm7vgzj&KRTB&23462-R1656BRe7-tcW-65Rw6h60Ff77pcCbS5Elm7vgzj
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHZEqQEqOHomDxQiwRVfEkA&KRTB&23025-CAESEHZEqQEqOHomDxQiwRVfEkA&KRTB&23386-CAESEHZEqQEqOHomDxQiwRVfEkA
.smartadserver.com/ Name: pid
Value: 8367014382429034701
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 12ga5di2cane
.simpli.fi/ Name: suid
Value: ADA818C615014749BAEDB02F63B36160
.c.appier.net/ Name: _auid
Value: HHqbwVdtDV6mwmv-z-VfZQ
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-ff1ad6d7302d4690986ab88eaa6f6463&KRTB&23328-ff1ad6d7302d4690986ab88eaa6f6463&KRTB&23427-ff1ad6d7302d4690986ab88eaa6f6463&KRTB&23445-ff1ad6d7302d4690986ab88eaa6f6463
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4572801297682017392&KRTB&23339-4572801297682017392
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-26f23103-179c-4aa3-bd2c-21572cdcc184&KRTB&22918-26f23103-179c-4aa3-bd2c-21572cdcc184&KRTB&22926-26f23103-179c-4aa3-bd2c-21572cdcc184&KRTB&23031-26f23103-179c-4aa3-bd2c-21572cdcc184
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-12ga5di2cane
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7871-2!7871
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-HHqbwVdtDV6mwmv-z-VfZQ
.csync.loopme.me/ Name: viewer_token
Value: 8dbad5b6-2f99-471c-876c-6c700708221d
.adform.net/ Name: C
Value: 1
.media.net/ Name: visitor-id
Value: 3437851672889994000V10
.media.net/ Name: data-pri
Value: 655fe5cd86b79~~34
.semasio.net/ Name: SEUNCY
Value: 725D83764FD3803F
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZV-lzwAB4Qvx7QBd
.tremorhub.com/ Name: tvid
Value: 490ae67b0c49450a8be7b274506cf215
.adform.net/ Name: uid
Value: 8162966499268527634
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8162966499268527634&KRTB&23263-8162966499268527634&KRTB&23481-8162966499268527634
.tremorhub.com/ Name: tvssa
Value: 1700783567799
.ads.stickyadstv.com/ Name: UID
Value: 194134d25b8e7f49e6297c71ab29890
.adx.opera.com/ Name: UID
Value: OPU1d80bda0d2304619906361725033a9c6
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a.DAAhdU3i%2F4UTt58rfqjraIBWX5bM6c92LQ8Yt7fgnIY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a.DAAhdU3i%2F4UTt58rfqjraIBWX5bM6c92LQ8Yt7fgnIY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVvsKSL_3W_1J1MHeEqGRKkLLcKM.z1G8An9qcnpXMQzy6STyVc8%2FOZFgRSVu%2F%2Bqc7hN1nOc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVvsKSL_3W_1J1MHeEqGRKkLLcKM.z1G8An9qcnpXMQzy6STyVc8%2FOZFgRSVu%2F%2Bqc7hN1nOc
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACJTjfKtZTEMi-Kw-uyeoeOpw1iQ8srx7YQS1NrwhUmEHwYBCDPy_-qBjABOgRyABfNQgSRZQEl.uSV4SqscG6WDU1kEQN5zZyjsfVW19wjLjoZNzQ6HvLk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACJTjfKtZTEMi-Kw-uyeoeOpw1iQ8srx7YQS1NrwhUmEHwYBCDPy_-qBjABOgRyABfNQgSRZQEl.uSV4SqscG6WDU1kEQN5zZyjsfVW19wjLjoZNzQ6HvLk
.sportradarserving.com/ Name: zuuid
Value: f958b8ca-fc9a-4181-9fe9-ebc3226aedb7
.sportradarserving.com/ Name: c
Value: 1700783567
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU1d80bda0d2304619906361725033a9c6&KRTB&23485-OPU1d80bda0d2304619906361725033a9c6&KRTB&23524-OPU1d80bda0d2304619906361725033a9c6
.admanmedia.com/ Name: admtr
Value: 31abebff-afd5-4662-a348-a6b399a78fbb
.admanmedia.com/ Name: ac_r
Value: CS116
.tribalfusion.com/ Name: ANON_ID
Value: axntuJsKBRhFmDqU69u8QyfWMFeqEAi3QWZdp6R3ZbUTwFJ55treXEMZc5oDfhTpkumyZaEi3lajPd5bZcqIGt109mPhL
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-VvsKSL_3W_1J1MHeEqGRKkLLcKM&KRTB&23334-VvsKSL_3W_1J1MHeEqGRKkLLcKM&KRTB&23417-VvsKSL_3W_1J1MHeEqGRKkLLcKM&KRTB&23426-VvsKSL_3W_1J1MHeEqGRKkLLcKM
.zemanta.com/ Name: zuid
Value: MxYfymGhIFkJNKenQoJO
.sportradarserving.com/ Name: zuuid_lu
Value: 1700783568
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1700783568
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMRxyfTNiCQwMUWD68AAAAAAA&KRTB&22713-AAAMRxyfTNiCQwMUWD68AAAAAAA&KRTB&22715-AAAMRxyfTNiCQwMUWD68AAAAAAA&KRTB&23519-AAAMRxyfTNiCQwMUWD68AAAAAAA
.turn.com/ Name: uid
Value: 3845728713393831377
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3917786307431759313&KRTB&23150-3917786307431759313&KRTB&23527-3917786307431759313
.amazon-adsystem.com/ Name: ad-id
Value: A1Z2nnZXP04hucpgz1Xp3y0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adgrx.com/ Name: ADGRX_UID
Value: 680f874e-8a5b-11ee-b797-8b289c061b88
.yieldmo.com/ Name: yieldmo_id
Value: 3F3zVVV880Vliqozf89s%7C1700697600000%7C3413539063957874651
.ads.yieldmo.com/ Name: re_sync
Value: unl%3D1181939%7Cc%3D1181939%7Ct%3D1181939%7Cdv360%3D1181939%7Cpub%3D1181939
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.ads.yieldmo.com/ Name: ptrt
Value: 26f23103-179c-4aa3-bd2c-21572cdcc184
.blismedia.com/ Name: b
Value: 655FE5D049CB44C07671CAA8BLIS
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-680f874e-8a5b-11ee-b797-8b289c061b88&KRTB&23275-680f874e-8a5b-11ee-b797-8b289c061b88
.linkedin.com/ Name: li_sugr
Value: 89190806-6e7c-41df-8148-0d96818a29b2
.linkedin.com/ Name: bcookie
Value: "v=2&112b38ec-78a6-4192-84d2-4446d74bbbfb"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3021:u=1:x=1:i=1700783568:t=1700869968:v=2:sig=AQG1cvbBxn5nrX6lxs1JrJJgtE4MDV9e"
.ads.yieldmo.com/ Name: ptrc
Value: CAESEOTNAdQD_fXprPjrGmHstjs
.smaato.net/ Name: SCM
Value: dd89a05fcd
.smaato.net/ Name: SCMs
Value: dd89a05fcd
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwa-Y5v8fAwCp1KFdnA4nXSwJEMIOD1scPFH14fKm5yoYfJXI2r2i1pkD5QC4TM1
.pubmatic.com/ Name: DPSync3
Value: 1701302400%3A164%7C1700784000%3A248%7C1701907200%3A245_226_201_197
.pubmatic.com/ Name: SyncRTB3
Value: 1701561600%3A63%7C1701993600%3A35%7C1701907200%3A13_22_5_99_3_209_196_247_54_220_56_71_231_264_214_238_96_165_179_107_176_233_46_254_21_8_234_7%7C1701302400%3A2_15_223%7C1705881600%3A69
.lijit.com/ Name: ljtrtbexp
Value: eJxlkEsSgDAIQ%2B%2FStQsoLRCv5nj3jtoNcfnCJ4GrIdqpIQqYOo7WK6r8BKtCaOXBdf%2FYMu1hYFtKOrCVrDMpZOrkAeonzxzEk5j2dZ6np8zcibvH2%2B%2FEQTfS01Dy3AsdR0oA
.r-ad.ne.jp/ Name: r_ad_token
Value: 57UNqn00SBDAK0071rTO
.openx.net/ Name: pd
Value: v2|1700783565.3.1|lYvOjEiuhI.iasnwJuIjIvGlQkqlUvH.vykSrApMvAsP
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004%22%7D
.lijit.com/ Name: _ljtrtb_27
Value: 26f23103-179c-4aa3-bd2c-21572cdcc184
.ads.yieldmo.com/ Name: ptrpub
Value: 0A657C5F-D245-45A8-9BC1-CB8389B02520
.ads.yieldmo.com/ Name: ptrunl
Value: RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
.bing.com/ Name: MUID
Value: 37C2B1D49F026FA90FD2A2069E926E5F
.c.bing.com/ Name: MR
Value: 0
.rlcdn.com/ Name: pxrc
Value: CNHL/6oGEgUI6AcQABIFCOhHEAA=
.lijit.com/ Name: _ljtrtb_76
Value: c1acc625-907b-4d51-8d9d-6fe121ecec3f
.w55c.net/ Name: matchpubmatic
Value: 5
.contextweb.com/ Name: V
Value: yiiqhoNVUZq6
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o5u|7dW.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ec3853767bb8294c
.pippio.com/ Name: did
Value: iyLZcTfg4L0nE8s_
.pippio.com/ Name: didts
Value: 1700783569
.pippio.com/ Name: nnls
Value:
.w55c.net/ Name: matchbidswitch
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:OkHa2n9z1R6jv35&KRTB&23421-uid:OkHa2n9z1R6jv35
.w55c.net/ Name: wfivefivec
Value: REtXCVuJ1R6jv35
.lijit.com/ Name: _ljtrtb_2
Value: ADA818C615014749BAEDB02F63B36160
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004%22%2C%22nxtrdr%22%3Afalse%7D
.bidr.io/ Name: bitoIsSecure
Value: ok
.sitescout.com/ Name: ssi
Value: 3b7e9869-bcce-48a8-954a-57bf5e161fd2#1700783569790
.lijit.com/ Name: _ljtrtb_102
Value: OPU1d80bda0d2304619906361725033a9c6
.lijit.com/ Name: _ljtrtb_92
Value: 4572801297682017392
.ipredictive.com/ Name: cu
Value: 7b764684-b67a-4f5c-9051-193487fa428c|1700783569844
.lijit.com/ Name: _ljtrtb_94
Value: 655FE5D049CB44C07671CAA8BLIS
.bidr.io/ Name: bito
Value: AAP3Yk7Kv8wAABQKlSZKBA
.w55c.net/ Name: matchopenx
Value: 5
.krushmedia.com/ Name: krm_usr
Value: cd6484de-d7fb-4a4e-93e2-1a8fbf64cfc4
.krushmedia.com/ Name: krm_r
Value: 572
.lijit.com/ Name: _ljtrtb_49
Value: yiiqhoNVUZq6
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 159196:4
.dotomi.com/ Name: DotomiTest
Value: c5dbc61d2c1fd1
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1700805170127
.lijit.com/ Name: _ljtrtb_85
Value: AAP3Yk7Kv8wAABQKlSZKBA
.pippio.com/ Name: pxrc
Value: CNLL/6oGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 9aaee305-ea32-4b02-858e-807882080c4d
.linksynergy.com/ Name: icts
Value: 2023-11-23T23:52:50Z
.sitescout.com/ Name: _ssuma
Value: eyIyNiI6MTcwMDc4MzU3MDA0NCwiMzkiOjE3MDA3ODM1NzAwNDQsIjciOjE3MDA3ODM1NzAwNDR9
www.turtlediary.com/ Name: _lr_retry_request
Value: true
www.turtlediary.com/ Name: _lr_env_src_ats
Value: false
www.turtlediary.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2226f23103-179c-4aa3-bd2c-21572cdcc184%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-23T23%3A52%3A50%22%7D
www.turtlediary.com/ Name: pbjs-unifiedid_last
Value: Thu%2C%2023%20Nov%202023%2023%3A52%3A50%20GMT
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzEwNTG2NLE0NzYxsDAyMBLiM9SNT8r0sUwz0nVMDM0HAIXBlWQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzEwNTG2NLE0NzYxsDAyMBLiM9SNT8r0sUwz0nVMDM0HAIXBlWQlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBgbmFsam5gaG4IAAswJuQQAAAA
.lijit.com/ Name: _ljtrtb_43
Value: vqAC3u2gVN2lpVWPvvAa3bihVIyl9w-P66eTmrpM
.lijit.com/ Name: _ljtrtb_97
Value: RX-38d097bd-d4ec-4a21-af4c-64c777d98054-004
.creativecdn.com/ Name: u
Value: NQIV2IHIUxIink8vQMH4
.creativecdn.com/ Name: g
Value: NQIV2IHIUxIink8vQMH4_1700783570195
.creativecdn.com/ Name: ts
Value: 1700783570
.rlcdn.com/ Name: rlas3
Value: heXpafV1vPZFDjatwTTTDkk3fIRalR/2c33PcH6JNbY=
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1974054394973408202
.pubmatic.com/ Name: PugT
Value: 1700777881
.demdex.net/ Name: demdex
Value: 65519155775594352671343870730137132108
.dpm.demdex.net/ Name: dpm
Value: 65519155775594352671343870730137132108
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjUu_KxqqK2PBAFEhcKCHB1Ym1hdGljEgsIvpvduaqitjwQBRIVCgZjYXNhbGUSCwiaj5fBqqK2PBAFEhsKDHNoYXJldGhyb3VnaBILCPzBztaqorY8EAUSFgoHc3Z4OXQ1MBILCLLdhsqqorY8EAUSFgoHcnViaWNvbhILCLKOgNmqorY8EAUYASACKAIyCwj-t9GDwaK2PBAFOAFaDHNoYXJldGhyb3VnaGAC
.quantserve.com/ Name: d
Value: EDwBFgG_KvijC_vLEJ9A
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZV_lzhynmEB9jLIUcQ17wgAAEmEAAAIB
.intentiq.com/ Name: IQPData
Value: 1120628899#1700783570378#0#1700783565455
.intentiq.com/ Name: CSDT
Value: UEQ6MTUwNzJfMCZUd1RxVnJFIzE1MTA2XzAmVHdUcVg4ZQ
.lijit.com/ Name: _ljtrtb_80
Value: LPBUMEW9-N-2Z93
.lijit.com/ Name: _ljtrtb_16
Value: 3b7e9869-bcce-48a8-954a-57bf5e161fd2-655fe5d1-5553
.lijit.com/ Name: _ljtrtb_84
Value: c:85944e7351e7baf3b71e9d4f972feb09
.lijit.com/ Name: _ljtrtb_86
Value: gTyfWo91to-gjHH_iK7qZMecdi4pHV-sk3fmoGs8F0k
.connatix.com/ Name: cnx_userId
Value: d0d61b1e0aef4f6ab19a62551aa9802c
.analytics.yahoo.com/ Name: IDSYNC
Value: "19du~2f7z:18z8~2f7z:18za~2f7z:18yw~2f7z:18vk~2f7z:19e0~2f7z"
.lijit.com/ Name: ljtrtb
Value: eJwVkVtvGkEMhf%2FLPteSPeO5OG%2B7XEpEoLQJ0PJS7c6FUIiApiWKov73zrwef%2Faxjz8ass1doweXxFuBIYQE7HsPYrgH44ZsElnKUYE1JicTCYwxuvnUsJTO98Ph%2Bnxebta7qy2ackVTNitNqIGcBOC%2B1zBEFUCRcSrEEMhzZQvajltPfmTJILFj6drJuEM1tbrTliwWjLCCX1Zrih6H2GNUGtmSCNrCOGVQ615CtfdY0IdVt15MtgJLUDupm0qdwMXcIylx1iskp4taSlxK5bLpxIyRZdQxj9BZR6O29d3D%2FWOdWplw540wJ6cNJTf0uWRGSSJncSqnAaWSpt7UrvSPo5vf%2FFvbdl%2Fnp8fdvGurVw3n23fQPqK4IULkVPNRBH3mAJaDcy6KR8OAWDPy9Tv7p%2Fe8PQv9OcP%2B12z28zB3190ihXjgy2wDr0edX86fX%2F0Uj%2FUturTcru1I%2F1X7zVKdLpvt6nZrez0cnjf37yd5g5W16enl92VReFctAvUhWGVA0A3A0RD4KBFsTqQohRR0bv79ByFljo8%3D
.rubiconproject.com/ Name: audit
Value: 1|7Yrdz6p9ZsAtIHN/z709u3zjJHH+KyL/91kGSQPaAb/6DZ3dTM5nwcreO4uTeZ30tIlnhjEViM3yUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcneJ2KHjgqo/q5M3i/I6UUNF1OSX4D58XG2L/99vp4v+kYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.liadm.com/ Name: lidid
Value: 808fcfab-1db1-4105-aa77-7fe76022241b
.adnxs.com/ Name: anj
Value: dTM7k!M41$Erk#WF']wIg2GTrv_!X^!]tcg8bhzs#DNA_<'.OaUcIZi_(y3V_(/@9Z614#Q9]Ao[N0N(cpP<?A3^BM@+vrWJZ4[KU>#vOT+N6Jcf`ig5?H-b>^1$?iXKId:*W5NNhTpglf#k^
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NDMyMjMzNDk0OTI2ODQzMzM1ODI2IiwiZXhwaXJlcyI6IjIwMjQtMDItMjFUMjM6NTI6NDhaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiNDQzMjIzMzQ5NDkyNjg0MzMzNTgyNiIsImV4cGlyZXMiOiIyMDI0LTAyLTIxVDIzOjUyOjQ5WiJ9LCJydWJpY29uIjp7InVpZCI6IkxQQlVNRVc5LU4tMlo5MyIsImV4cGlyZXMiOiIyMDI0LTAyLTIxVDIzOjUyOjUxWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTIzVDIzOjUyOjQ4WiJ9
.mfadsrvr.com/ Name: tuuid
Value: 734eaab9-5b63-4bd3-b8a5-e9a06bc8b07b
.mfadsrvr.com/ Name: c
Value: 1700783571
.mfadsrvr.com/ Name: tuuid_lu
Value: 1700783571
.pubmatic.com/ Name: SPugT
Value: 1700783571
.resetdigital.co/ Name: ckbk
Value: 0000011E43D78C23
.hb.yahoo.net/ Name: visitor-id
Value: 3437851712889968000V10
.hb.yahoo.net/ Name: data-mag
Value: LPBUMEW9-N-2Z93~~63
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicmVzZXRkaWdpdGFsIjp7InVpZCI6IjAwMDAwMTFFNDNENzhDMjMiLCJleHBpcmVzIjoiMjAyMy0xMi0wN1QyMzo1Mjo1MS40NTE2NTE5OTdaIn0sIml4Ijp7InVpZCI6IlpWLWx6aHlubUVCOWpMSVVjUTE3d2dBQSY0NzA1IiwiZXhwaXJlcyI6IjIwMjMtMTItMDdUMjM6NTI6NTAuNTU3NDg1Njc1WiJ9fX0=
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1700783571

8 Console Messages

Source Level URL
Text
network error URL: https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=060968ie9966h9h7aj8chfld7high6ec6k9604um6600s6s2ew4iso0k2suqs0mi0&gdpr=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.rundsp.com/redirect?ex=openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.turtlediary.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://www.turtlediary.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idsync.rlcdn.com/712068.gif?partner_uid=93b9f0fb-9ff4-4e23-914c-3da2902f1b41&gpp=&gpp_sid=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options allow-from SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1652a92e08b530b0cf1938630f75d069.safeframe.googlesyndication.com
1f2e7.v.fwmrm.net
a.ad.gt
a.pub.network
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ajax.googleapis.com
aorta.clickagy.com
ap.lijit.com
api.btloader.com
api.intentiq.com
api.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bk.r-ad.ne.jp
btloader.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.pub.network
c1.adform.net
c2shb.pubgw.yahoo.com
capi.connatix.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.turtlediary.com
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.krushmedia.com
cs.media.net
cs.nex8.net
csi.gstatic.com
csync.loopme.me
d.adroll.com
d.pub.network
data.adsrvr.org
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
fronttoad.com
g2.gumgum.com
gocm.c.appier.net
google-bidout-d.openx.net
grid.bidswitch.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.w55c.net
i6.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.rundsp.com
match.sharethrough.com
mb9eo.publishers.tremorhub.com
media.turtlediary.com
nodejs.turtlediary.com
oa.openxcdn.net
oajs.openx.net
openx2-match.dotomi.com
optimise.net
p.ad.gt
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb.primis.tech
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s2s.t13.io
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync-dsp.ad-m.asia
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.smartadserver.com
sync.springserve.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
t.adx.opera.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tr.blismedia.com
triplelift-match.dotomi.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
video.primis.tech
www.google-analytics.com
www.googletagmanager.com
www.turtlediary.com
x.bidswitch.net
1f2e7.v.fwmrm.net
api.rlcdn.com
c2shb.pubgw.yahoo.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cs.nex8.net
match.rundsp.com
s2s.t13.io
sync-dsp.ad-m.asia
sync.mathtag.com
103.229.10.180
103.43.90.178
104.17.24.14
104.18.20.206
104.18.24.173
104.18.38.76
104.18.41.104
104.22.5.69
104.22.74.216
104.26.3.70
104.26.8.50
104.68.31.231
107.178.254.65
108.177.112.94
119.9.108.191
124.146.153.160
13.107.42.14
13.215.29.241
13.224.181.100
13.224.181.49
13.224.181.84
13.228.253.17
13.229.188.244
13.35.147.91
130.211.23.194
141.95.98.64
141.95.98.65
142.250.204.1
142.250.204.2
142.250.66.198
142.250.66.202
142.250.66.226
142.250.66.232
142.250.76.102
142.250.76.110
142.251.221.66
142.251.221.67
142.251.221.74
143.244.220.80
15.197.193.217
151.101.129.229
151.101.66.137
151.101.66.49
169.197.150.8
172.104.45.159
172.64.151.101
172.67.23.234
172.67.36.110
172.67.38.106
18.138.18.111
18.140.225.254
18.143.106.89
18.176.234.133
18.177.11.1
18.65.3.9
18.67.111.37
18.67.92.138
18.67.93.14
18.67.93.16
18.67.93.24
18.67.93.44
18.67.93.62
182.161.73.136
182.161.73.146
185.184.8.90
185.84.60.23
195.5.165.20
198.8.71.131
204.79.197.200
207.65.33.76
207.65.33.79
207.65.33.82
207.65.33.83
209.191.163.208
213.19.162.90
220.150.223.50
23.106.127.165
23.106.127.169
23.106.127.39
23.206.242.194
23.215.59.10
23.221.21.71
23.55.38.48
23.77.149.36
3.0.243.35
3.1.170.125
3.105.199.38
3.122.66.171
3.227.26.135
34.102.146.192
34.107.140.113
34.111.113.62
34.111.152.239
34.120.107.143
34.120.63.153
34.124.209.251
34.160.152.31
34.160.63.134
34.96.105.8
34.96.70.87
34.98.64.218
34.98.67.3
35.186.193.173
35.213.12.39
35.213.7.59
35.213.93.179
35.214.243.89
35.227.252.103
35.244.154.8
35.71.178.8
37.157.2.230
44.220.1.83
50.116.239.135
50.31.142.191
52.196.135.209
52.205.132.212
52.4.98.207
52.46.155.104
52.69.158.44
52.70.198.148
52.74.118.249
52.76.234.12
52.76.40.2
52.77.152.198
52.77.160.240
52.77.24.115
52.84.251.4
52.9.84.22
52.94.220.185
54.221.54.135
54.238.236.6
54.254.195.29
64.38.119.44
67.199.150.86
67.199.150.87
69.173.158.64
69.173.158.92
72.34.250.75
74.118.186.107
74.214.196.131
8.2.110.134
8.43.72.98
80.77.87.166
82.145.213.8
89.207.22.108
98.98.134.243
99.84.203.31
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18
03bd3a5d2e936c7de83bc2059c35850d748e225a9d9366318717b10c875ec298
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06802a62d7b8ad9d0191dd9d2cab7e6ad5027c2b4f0bd112145674bfac534254
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0d9eaa19e916706042c05e57dd0a59b959a94e2ea59705d30c63ed292adbb6
0d16cfa1e268735fa201c27d03314ddbcd003f3164214fa04462eb19222eed5c
0d616f2f5275b6161bd73ff81b74ef302b814c65532e28aa5640038323fabcfd
0d71b8cb8d3ce6a22b11bc6b34023ba9ff9a00470ab1915f888f243a6d6e782d
0dcac7cabd17a67b5d09d54d506c6ed734516248e9e8552d194b1a5cf16b7722
108e7c09a9d190083c217592e2059a6278e7f23d92f2190be2daa0b9c80440a9
10ba8eb1e99bad838502157cbda8525b4783dce0ce219366ac6d01eade3e468d
10f77140f943fed56fd24ef6d31198c70f8d72eff3717438ea334ebebed545c4
123b47f66fb33ca08ec61c8066351f3ef9d04fa5ad3664ba3bddfeff59b62be9
1248843480d9a6683a6d6c3c2f9ac80e48455d854e883d1204b7663a2f2845e2
150abf5d65851c215b785dc90f363002897279f75a0f466caa6c92534a20a2d7
15c39f91bd8d4a940557da362023f87d9dd6f16a95a1dd239666bf706a180d4b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c9f28396a1900f21ec53fb6edc249d8c16e2d7523704e5b7061367b18a7c1c
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1d4ee19b918d965bcd79df0e57ea9b99e928e0302a09e534a587975126f2f920
1d615cce173cd5fc0a4bf61282c600b5bf90a45df308f8c3017274434b28a8c4
1d67b9c2184e174c895b39e925c743bf2b20c2e6bdaf908a6860a51cbfc28c5d
1ffdb3fb1f2d046095ef716a8b47e50a07e4554a79f21623c133bc7f19b30d33
22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed
233e15521ef6656de413653baff7f21f8820228263a990affd3b95b9be193a00
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26d05bbbc6161e973f251434c2e9888b7c1a5d465a8a6850d3caaf987cbf7510
270fd5ef990d8cdcc91e68e2ddb14b00d9403ea70a146d60622c246161374c0b
2830a50f59578e40f2c23948be43205feb3f38f8599796cec040d31dc9812c48
2b886f05bfca2b066fb718afcc815ec322d7df55c18dcbcac57cfe2f1c9a10bb
2c5326f95c3af5c4574e31d614d17f43618da2d43464536f5029a677f6b1629d
2c7419b74ad71f441448e81efb781c3449155cc9238ce996ade4663abefec695
2dcf6590a49e6d2fc6ff060c1192937e40b56b81591fe48eb8baf78800b16d2d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3029adbcd8e7d319000b2558e106ee866e7120f4f21f232ad52c1963725f6097
304b5b77fbef13b8774bf42a9b10debad0bfa6ba3cab51f4823f0070023d60ee
30daa447f4de7cc794ddff076fd1e834d59271f68d4937faeb75d4bdee465c77
3153b9a9e9fc6e6d187194096a6494ebd7fac22938e59daf14b6dd3f5786148c
325fb385497b9473d4befc72824051ade03471ba7c825e193e44fd08934b8c87
334416c325a77993e33c282928a7f6b05d28c54ed5aaebfc9fd1614008c81ab7
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
35981b6766cb407cfcff7271ceff3057e9ad15da9a56bf9cac2dfe5bb9f5cf47
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3988cd2abb8e7c863fa05d202933cb13ed0fbf32efbf30188312375cb85e930f
3b325dc4cc400ce5817dd28c5bfaabdce34e9e637f8a25840665055ead80d727
3d1d5ea5e3e39a432b9619f393b448b15aa4af365a22b30ac2cce130463c6525
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df6b36b3d9ec91ec8ee170906cc6ef2f2247be1d1e715880ee5477dd38c4e37
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4022cb9ff13180686b7258efb389a65689f6a8b566f5705b3631db660a4e5d49
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42c1f6a66ff3442adb9b6d0a97b9e66bec0c8c7fc5f1c95345c73430dbc35d7c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473917246f8e1778e0c1ac249327e64dbd220621bbe1fb1ebac58cb915fb124f
47712824c48b5c8149ee07b4e04c0cd35ec75dcc98c5e6f0fc75f1854f69e35f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242
49147fd978355944f2cb567e8579ba6b81affc569aa0e386c7e53bc8808de9b2
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb3c40a43446eab98cb29c3b7981dee8aa8be1be445fdcbf2e50067e39e6875
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3a29b00449660f0ffbe741e97b1c03492abcb0e1722b1c0a573612e56e5e99
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
534fe3532c0c71b2ea6696ec27c4e4ca36d16c1a83cd2869c2ad1a05b195557f
54380fe85dacc6105a5f55caa3c04d80229700c906dc120f68a54dde9bfe1fa8
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561afc2bac4821081c6022d9e0b232653060a8bbb609d8f451fbb1c90ecce12a
57c93e86e7b10612f05de7652b2bce658199b0c60eb9ec6c71feb50ad52edc58
5871778f6ee047af0d2aa445d97b568e374fab1f88da69e5f1041939f3474fc4
5b37d9f1009dc8fec3476dbafc42de9ea497971896cfb3487ddf4adaec2ee970
5cb7a35776d6b39fca1209001dff98b5c26fc81de178c4cad9f07e8f0fd18948
5f4b67d75522e1d15d1f4b9f24ff51188b52552ee5c084e63cdc5d1ac1dc4e29
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64cf3f445f28fd01c8231d61df095e936df8dbe625e88c461a3989ec52009027
66d162758b12fcef80d51555131f5371153da5a81bb89e93ef14d4ccbdccb328
6744628dc8d472eacdc35266ae7c9b4bb08a2e246d943fe0542cfba853a62fb7
67e9ef2dad9b6e57008ef45c10c87262d4bc5008e66224827c2c4ccc871de835
68fb114544676a7ff3da526d1c5944d17659f972759f4d6712dc03989ca078a0
6935aeb7ce0d9da986f062094e9d6fe081cd13f29517c42bd770b72e551895b9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc56823812bdc9e3273e44103fb1da56c554204decc8b182f877daeac6788be
6cf80ea76640643986fec098dc70af1bc9f13fdcd95c62ae7af4176b67ef6741
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
71dbd6930e59dcb260c08741ae72261275139765dbe949ca7e98516aa422c1dc
737b9926931d3e5f92d3b99d96c322adb6195eefeb84fd1fcf2dd5a4c3de70a0
76c5530c20a5deb829a5223cce07c6f05df9ccd3aef9b53ae7310e7bbef76cfe
778599c0c8c1d5e2f5f9f4776c0a15f08eb09b0a3a7617f1ae9c4b05c8109b03
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
781a26644f200441299dd3f071392c63fcf15cab6a77f699936866a2b9d6c883
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec
78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4
7a915f4bd01ad242715e416ee5f0bcad56a0d7f785df6f10f1343ce4f0531265
7b08eca7e48d4cdb0c939b874869d7e2f404de6328519c758e70301cffb01afd
7bff505e90701ae8b85f4d38433170cb16bc5156e045b9b10ad96f4c9e9ee96a
7ebadfb0328064c5cee4e463f60f6b67ad4111578429bb00206d358826752596
81210e7ce6c6033375740aea23a5844dec8a611027f6bb3b7c44d1fdebe3a4ec
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
82b1ac7bac4f54d30e2a421e5bc0a1e9fc338eb18acb299f0edd64462daf9cf7
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85953b4641cdc7eb32550f557d1f1e8cc617dc1ec47199a2d360feed4c13ba3c
865b9a963a93f64ec8206011abd5887fa8b2555e840990064c12ff469ebf74e4
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
88ead20839122c0145320cfe2854b19d2e87d2850dfb71977caab6be3813b641
8a2e2fb6f3fb55c6e082d8761acce94483842596ef9cbcf2792290ed07e9a314
8b20f11d9b2716dc1026da78aea85f5918477486b82055a103ec063ee7d7a2bb
8c51666dc597f3c00d8b96c9cdcea12f28b4add101103868b0df81fbaa0b069f
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8fccd1b16e7908e01dcf3dede92dd655790a37ee261daff7fbbb19d2c64a7c24
90dc1dd41adb18dfda3418fbe783597c70aa93bfc41ac100f8ba5c3bccf9bf3e
92033b58253abb0529325a307ee85442a1fdea546a274288480595391784a510
9278d9ec4107061297756436259a4ed28ebb0c6bee94fbca0c06475de0896496
94250919b0ff8ec072aa2503949b2aa0d54064c771413d59f9e688f4edff260d
966269ebdf4b5e678bf7be4ac3aa0ed983362eaac8e5786bc01472daf74a941f
966f958137fce9d27b6ac2ed207b7288fd830ec8f2f197409bf1996f80e0d94a
9753bf5dc6e8bfc154553bc01aa09680ef407fc1dfc112892e745a9d2fc4a4f6
980c96107d8f974d249b98757877f4a51db8cf7172903fe99aba4b5466631ee1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c5eab6657a64c3738f572154f23d884c4d15da744a4eea7f6cc0d4a942d2bd9
9c6a7df01af9bcc78211a661e3a4b0d3cc83bb2e97ffa27f44b0098e414c06db
9caa50bd166770d892272d538231e7f08c8c56da618388852e4570eee524a127
9ce999a407cf24f16d8b3d52923f53505d7153314749794d0d153608e5873716
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a5151c85cac25834a3fb848f6bde2d3a8638dde14b3c4a0bcce09badf90c75f5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5ee1ee672866c689ca31e8c8ed157d602f67f0e25125cadebff402152a5f0e4
a6e64277c460e86a0c076d391f18360881f695199727a63a732c8c4c78f1cb9b
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a87e670b5f030bdc06abd0237adcde32bc1914705e0a137a4bce997ad91fe610
aaa22a42f6b6eb66ff26f8880a7187df2a6452fb37039c0a2f8d7fbceae8275d
abb60e7cf9f019236835676934158d2c4ab822b64e56b9afa627bde68c0e4a5b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad6e2d53f24ebad6e0d6be3058074a91caef2453cceba2b27e4774e1c88e3afe
ada879ec79ddf4ac22b8d49b886d14f6c31c411888ff68e13c38fc826154a5df
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b063c5ca505fa3b9c7ce150c672ad8b750914ee5f3f9886057324ca8c368c6b3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b4716830c4d28552ad0b3999b59d28187ec2ba819618bbfac3ca9a2f0ba1c3b7
bad4155111cfa8d146fe8dcdcf3935651d730dfd8fc67550c14f8ae8fe41bb69
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd351964a6d11d6d1080c25b6d081821d598622929758e010a337bc04710a5aa
bf49e27fc683ba28a41f55094272531e6b8375d5c37e90392a671f5c551a2888
c054d631a869a67d8e42c49e3f48283f5d66b9c444b889a8efae0d936eb0188d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a5712fd317990914ac9af07b86d21a5a5c69a22f3d6ce3b463528806322899
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c561d7fffec8bd07961d6d60c7be2d27f6898d162b603329254f6dcef7394d53
c6aafa40c0301e6e21601208fcb1e87a61acaa1da0cc62711e2d4fbcf5bd82cf
c7f1618546c551ed350b3f5c066681e91bd17ce9f2eaf1c539f2a65cb3e1966d
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caaccf1f675a43bfcd899e0530dc1d60bab848db13170024b741abf316d02c73
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d037ba3209044db2ccff64a55106d5e69f4f0e4b78429fcdf1ca12936edb519e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2531c060499a31d29528942642ecaf731ca7d26f8c2ffe3b9aba20f79a51419
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d534291efb7d78d1fcf5cb0e1b2273acb11d6c989fd5f110473d2f570134b43c
d672b8fc4ad807877b8b70812b79b9464af39f3bf4a6c05ab5015d3eb227e864
d90b6133411f8e29e1acfdab52638d28fa255516968df6f42a66cebfdd337ea2
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
ddb5418954db43dc55c388d48c29d73a0a03513089f6a8f09563f839fbf516e4
ddde42b838df34e811616678de619c67de435d02f058004fa6a09b4c835a5c1c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de495615086d5c815a2b07dddb246c9ad6ca96f6f44de4975424586b5b91fbe3
dfb95277447e40b12c0841ece47ecc7b56e0e596e2ba986c31fb09db7d76c844
e0e0b845af590c1ff82adf4b689da8fc18281e5b27c59979b4e9168733bdb4bb
e2e1ad18cce5424b905ba2f78b3970a9f26ce651ac6c03b99d706e639d392b06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62a00258a2118faad7754b5c5c19174124e4b2ec83a330bd5f9515c19529b94
e708928a99052b23253d34e2bbcef265f289eb36a373e23098db65ac88e148dd
e7191c5f19d5665d24fc63c847b5c67ba5dca351d76f66a60547694dae2da247
e77b0425c3e856209c5aa03aa406be4fae9fe9b0623429bf8a862c473f68abd3
e7eb2f5d386eac7d24d6289e55ae596969a8da2e2202c123c5333301a64f5322
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea6da3fd9b357ff8c3d3c12a21aaf4be7d7139b7addc52bcb22dae3f50f3ecad
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eca003642178c47d53f4b1c5ae15b453eb75bf875f40d4505f790760345dc3d0
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ece307e0b49c55605f17563e2376dd43d013b02632b9dfc3cc71194854d751bb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b9f311ad90f73a67e8d16a392ba1e8950e4030828d44197803d831acfc8ffb
f2af5eb48fa05a661a8ae11c8ef6872d268402d53ffc0351860504406c496783
f48aee2c68ae5fc7d918ea5c7948b86d09a9de3d6fe70c6926839233e1879db0
f4a9c7e802b59da407d928f885788fca893d1e025169c9c2e32806143c23fdc0
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7309abef3c5197717e4ba4263728c9aafeb57fc12dbef8d499ac3047099ff60
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8ef0b666f8dea62b61e1e25734e1823e810b661651d639ed5663cef4f15c9bb
fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65
fc76ad27ec124c4daa115980a9bea11d31252e3f7a580b455e5578f90a2ef98d
fc8295c10eb74bfc39252e0cdb679d5652befa2123a3bafd9edf35d05338b9bf
fd6dfd3500d3e4291cbc3e2c675fb950d1ec7f7b7eaae2c16c7b739bdc4bf717
fdf89d1a74034d42ce15ca995a045aa9a3dac6a12209cba90445d6a0ca2368d5
ff13096e02f6534f37880161972d56fd39cd83bb11998dab5af22a9c49ef1e78
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995