www.turtlediary.com Open in urlscan Pro
152.199.20.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://turtlediary.com/
Effective URL:
https://www.turtlediary.com/
Submission: On August 30 via manual (August 30th 2022, 11:36:30 am UTC) from US — Scanned from DE

Summary HTTP 244 Redirects Behaviour Indicators

Summary

This website contacted 74 IPs in 9 countries across 72 domains to perform 244 HTTP transactions. The main IP is 152.199.20.123, located in United States and belongs to EDGECAST, US. The main domain is www.turtlediary.com. The Cisco Umbrella rank of the primary domain is 336121.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 1st 2021. Valid for: a year.

This is the only time www.turtlediary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.111.151.121 23.111.151.121	29802 (HVC-AS) (HVC-AS)
47	152.199.20.123 152.199.20.123	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:7400:1:efdc:4e00:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::681a:6da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3.210.193.120 3.210.193.120	14618 (AMAZON-AES) (AMAZON-AES)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 9	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.72.120.129 3.72.120.129	16509 (AMAZON-02) (AMAZON-02)
2 4	72.251.249.14 72.251.249.14	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3	52.59.71.86 52.59.71.86	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	52.204.206.216 52.204.206.216	14618 (AMAZON-AES) (AMAZON-AES)
2 3	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
6	159.89.246.130 159.89.246.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	52.212.200.243 52.212.200.243	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
1	198.47.127.22 198.47.127.22	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	92.123.21.200 92.123.21.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	52.71.211.74 52.71.211.74	14618 (AMAZON-AES) (AMAZON-AES)
3 10	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	124.146.215.49 124.146.215.49	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
5 6	64.74.236.63 64.74.236.63	19024 (INTERNAP-...) (INTERNAP-BLK5)
1	99.86.4.25 99.86.4.25	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.42 18.66.97.42	16509 (AMAZON-02) (AMAZON-02)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
4	23.47.208.212 23.47.208.212	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.248.206.77 34.248.206.77	16509 (AMAZON-02) (AMAZON-02)
2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 2	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
7 14	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	3.229.251.39 3.229.251.39	14618 (AMAZON-AES) (AMAZON-AES)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
3	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
5 5	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	3.92.9.222 3.92.9.222	14618 (AMAZON-AES) (AMAZON-AES)
2 3	18.156.32.70 18.156.32.70	16509 (AMAZON-02) (AMAZON-02)
1 1	18.184.125.137 18.184.125.137	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1 17	34.247.233.198 34.247.233.198	16509 (AMAZON-02) (AMAZON-02)
3 3	52.57.12.251 52.57.12.251	16509 (AMAZON-02) (AMAZON-02)
1 1	168.119.168.202 168.119.168.202	24940 (HETZNER-AS) (HETZNER-AS)
3 4	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	3.231.251.159 3.231.251.159	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:a43d:cfec:dc69:3aee	16509 (AMAZON-02) (AMAZON-02)
1 1	52.2.126.119 52.2.126.119	14618 (AMAZON-AES) (AMAZON-AES)
1	141.148.45.191 141.148.45.191	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.192.150.185 18.192.150.185	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2 2	103.229.205.242 103.229.205.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
3 6	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	2606:4700::68... 2606:4700::6812:c4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.169.131.238 35.169.131.238	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.205.75.24 18.205.75.24	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
244	74

1 23.111.151.121 (Tampa, United States) 1 redirects

ASN29802 (HVC-AS, US)
PTR: 23-111-151-121.static.hvvc.us

turtlediary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 152.199.20.123 (United States)

ASN15133 (EDGECAST, US)

www.turtlediary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.turtlediary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:7400:1:efdc:4e00:21 (United States)

ASN16509 (AMAZON-02, US)

dm0le9ta2f1vc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:6da (United States)

ASN13335 (CLOUDFLARENET, US)

qd.admetricspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.210.193.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-193-120.compute-1.amazonaws.com

nodeaws.turtlediary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.130.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.72.120.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-120-129.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.59.71.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-71-86.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.206.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-206-216.compute-1.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.85.234 (Schiphol, Netherlands) 2 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.212.200.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.22 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.211.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-211-74.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.74.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.146.215.49 (Japan) 2 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 64.74.236.63 (United States) 5 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-25.fra6.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-42.fra56.r.cloudfront.net

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.47.208.212 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-208-212.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.206.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-206-77.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.101 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.18.126 (None, ) 7 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.75.240.210 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.123 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.251.39 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-251-39.compute-1.amazonaws.com

x.yieldlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Beverwijk, Netherlands) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.0.31 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.92.9.222 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-9-222.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.32.70 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.125.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-125-137.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.247.233.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.12.251 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-251.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.168.202 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.202.168.119.168.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.31 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.251.159 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-251-159.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:a43d:cfec:dc69:3aee (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.126.119 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-126-119.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.148.45.191 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.150.185 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-150-185.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.205.242 (Singapore) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.54.182.161 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.131.238 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-131-238.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.75.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-75-24.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Waldshut-Tiengen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.115 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	turtlediary.com 1 redirects turtlediary.com — Cisco Umbrella Rank: 274687 www.turtlediary.com — Cisco Umbrella Rank: 336121 cdn.turtlediary.com — Cisco Umbrella Rank: 352685 nodeaws.turtlediary.com — Cisco Umbrella Rank: 395097	901 KB
18	gumgum.com 1 redirects g2.gumgum.com — Cisco Umbrella Rank: 1417 usersync.gumgum.com — Cisco Umbrella Rank: 1974	6 KB
17	casalemedia.com 7 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 539 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456 r.casalemedia.com — Cisco Umbrella Rank: 778 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525	15 KB
17	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	244 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159	228 KB
12	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1767 public.servenobid.com — Cisco Umbrella Rank: 3759	8 KB
12	yahoo.com 6 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 943 ups.analytics.yahoo.com — Cisco Umbrella Rank: 278 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488	3 KB
11	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015 eus.rubiconproject.com — Cisco Umbrella Rank: 582 pixel.rubiconproject.com — Cisco Umbrella Rank: 327 token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 959	22 KB
11	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3575 cds.connatix.com — Cisco Umbrella Rank: 3734 capi.connatix.com — Cisco Umbrella Rank: 3924 ins.connatix.com — Cisco Umbrella Rank: 5024 capi-tier-2-us-east-2.connatix.com Failed vid.connatix.com — Cisco Umbrella Rank: 4401 img.connatix.com — Cisco Umbrella Rank: 4230	422 KB
11	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 304 s.amazon-adsystem.com — Cisco Umbrella Rank: 282	51 KB
7	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 3767 sync.serverbid.com — Cisco Umbrella Rank: 7615 x.serverbid.com — Cisco Umbrella Rank: 8601	3 KB
6	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	2 KB
6	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 secure.adnxs.com — Cisco Umbrella Rank: 463	6 KB
6	zemanta.com 5 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 572	3 KB
6	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 493 ads.pubmatic.com — Cisco Umbrella Rank: 492 image6.pubmatic.com — Cisco Umbrella Rank: 634	24 KB
5	admetricspro.com qd.admetricspro.com — Cisco Umbrella Rank: 18944	275 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 590	1 KB
4	outbrain.com 3 redirects sync.outbrain.com — Cisco Umbrella Rank: 744	1 KB
4	smartadserver.com 2 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 939 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 600	2 KB
4	1rx.io 3 redirects tag.1rx.io — Cisco Umbrella Rank: 1506 sync.1rx.io — Cisco Umbrella Rank: 570	2 KB
4	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 654 ce.lijit.com — Cisco Umbrella Rank: 936	2 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	45 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 ajax.googleapis.com — Cisco Umbrella Rank: 286 imasdk.googleapis.com Failed	33 KB
3	creativecdn.com 3 redirects creativecdn.com — Cisco Umbrella Rank: 668	971 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
3	emxdgt.com 2 redirects cs.emxdgt.com — Cisco Umbrella Rank: 952	547 B
3	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 992	1 KB
3	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1517 us-u.openx.net — Cisco Umbrella Rank: 399	780 B
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1301 id5-sync.com — Cisco Umbrella Rank: 508	15 KB
3	a-mo.net 2 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1232	669 B
3	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1244	481 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 2218 mp.4dex.io — Cisco Umbrella Rank: 2814	25 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	31 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 476	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 671	624 B
2	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 913	83 B
2	disqus.com 2 redirects ssp.disqus.com — Cisco Umbrella Rank: 2420	772 B
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 743	1 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 594 cdn.indexww.com — Cisco Umbrella Rank: 1405	2 KB
2	socdm.com 2 redirects tg.socdm.com — Cisco Umbrella Rank: 1000	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	549 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 617 eb2.3lift.com — Cisco Umbrella Rank: 418	698 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1373	104 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	72 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1558	487 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1265	158 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 984	99 B
1	extend.tv 1 redirects sync.extend.tv — Cisco Umbrella Rank: 1642	546 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1369	561 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 745	263 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 522	387 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 509	755 B
1	technoratimedia.com sync.technoratimedia.com — Cisco Umbrella Rank: 1099	293 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1010	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 754	582 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com — Cisco Umbrella Rank: 28041	221 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 975	166 B
1	yieldlift.com 1 redirects x.yieldlift.com — Cisco Umbrella Rank: 3650	593 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3867	290 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4753	611 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1072	463 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1638	333 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8811	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	648 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1509	17 KB
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 7311	414 B
1	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1795	575 B
1	cloudfront.net dm0le9ta2f1vc.cloudfront.net	42 KB
0	wbtrk.net Failed um.wbtrk.net Failed
0	jquery.com Failed code.jquery.com Failed
244	72

	Domain	Requested by
37	cdn.turtlediary.com	www.turtlediary.com
17	usersync.gumgum.com	1 redirects g2.gumgum.com
11	ads.servenobid.com	qd.admetricspro.com public.servenobid.com g2.gumgum.com r.casalemedia.com ssbsync.smartadserver.com
10	cm.g.doubleclick.net	3 redirects www.turtlediary.com 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com g2.gumgum.com r.casalemedia.com
10	www.turtlediary.com	www.turtlediary.com
9	dsum-sec.casalemedia.com	2 redirects r.casalemedia.com
6	s.amazon-adsystem.com	3 redirects r.casalemedia.com ssbsync.smartadserver.com
6	match.adsrvr.org	public.servenobid.com sync.serverbid.com g2.gumgum.com r.casalemedia.com
6	b1sync.zemanta.com	5 redirects www.turtlediary.com
6	c2shb.pubgw.yahoo.com	qd.admetricspro.com
6	nodeaws.turtlediary.com	www.turtlediary.com nodeaws.turtlediary.com
6	pagead2.googlesyndication.com	www.turtlediary.com dm0le9ta2f1vc.cloudfront.net 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
5	ups.analytics.yahoo.com	5 redirects
5	ib.adnxs.com	5 redirects
5	ssum-sec.casalemedia.com	5 redirects
5	tpc.googlesyndication.com	www.turtlediary.com 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
5	c.amazon-adsystem.com	dm0le9ta2f1vc.cloudfront.net c.amazon-adsystem.com
5	securepubads.g.doubleclick.net	dm0le9ta2f1vc.cloudfront.net www.googletagservices.com securepubads.g.doubleclick.net
5	qd.admetricspro.com	www.turtlediary.com qd.admetricspro.com
4	sync-tm.everesttech.net	4 redirects
4	sync.outbrain.com	3 redirects g2.gumgum.com
4	eus.rubiconproject.com	public.servenobid.com g2.gumgum.com eus.rubiconproject.com
4	ads.pubmatic.com	dm0le9ta2f1vc.cloudfront.net public.servenobid.com sync.serverbid.com g2.gumgum.com
4	cds.connatix.com	www.turtlediary.com dm0le9ta2f1vc.cloudfront.net
3	creativecdn.com	3 redirects
3	x.bidswitch.net	3 redirects
3	cs.emxdgt.com	2 redirects sync.serverbid.com
3	x.serverbid.com	sync.serverbid.com
3	sync.go.sonobi.com	public.servenobid.com sync.serverbid.com
3	sync.1rx.io	3 redirects
3	www.gstatic.com	www.turtlediary.com 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
3	e.serverbid.com	qd.admetricspro.com sync.serverbid.com
3	prebid.a-mo.net	2 redirects qd.admetricspro.com
3	btlr.sharethrough.com	qd.admetricspro.com
3	ap.lijit.com	1 redirects qd.admetricspro.com public.servenobid.com
3	cdnjs.cloudflare.com	www.turtlediary.com
3	fonts.googleapis.com	www.turtlediary.com 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
2	rtb-csync.smartadserver.com	1 redirects ssbsync.smartadserver.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	sync.mathtag.com	2 redirects
2	ad.360yield.com	2 redirects
2	match.deepintent.com	g2.gumgum.com r.casalemedia.com
2	us-u.openx.net	2 redirects
2	ssp.disqus.com	2 redirects
2	p.rfihub.com	2 redirects
2	pixel.rubiconproject.com	public.servenobid.com eus.rubiconproject.com
2	secure-assets.rubiconproject.com	2 redirects
2	r.casalemedia.com	public.servenobid.com js-sec.indexww.com
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	onetag-sys.com	public.servenobid.com sync.serverbid.com
2	tg.socdm.com	2 redirects
2	img.connatix.com	www.turtlediary.com
2	vid.connatix.com	cd.connatix.com www.turtlediary.com
2	3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com	dm0le9ta2f1vc.cloudfront.net
2	id5-sync.com	cdn.id5-sync.com ssbsync.smartadserver.com
2	script.4dex.io	dm0le9ta2f1vc.cloudfront.net
2	googleads.g.doubleclick.net	dm0le9ta2f1vc.cloudfront.net
2	www.google-analytics.com	dm0le9ta2f1vc.cloudfront.net www.google-analytics.com
2	i.clean.gg	dm0le9ta2f1vc.cloudfront.net
2	www.googletagservices.com	www.turtlediary.com
1	dsp.adfarm1.adition.com	1 redirects
1	visitor.omnitagjs.com	ssbsync.smartadserver.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	sync.taboola.com	r.casalemedia.com
1	sync.extend.tv	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	cdn.indexww.com	r.casalemedia.com
1	bttrack.com	r.casalemedia.com
1	bh.contextweb.com	1 redirects
1	stags.bluekai.com	1 redirects
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	bidswitch-eu.splicky.com	1 redirects
1	secure.adnxs.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	pixel.advertising.com	1 redirects
1	x.yieldlift.com	1 redirects
1	ce.lijit.com	1 redirects
1	g2.gumgum.com	public.servenobid.com
1	eb2.3lift.com	dm0le9ta2f1vc.cloudfront.net
1	sync.serverbid.com	dm0le9ta2f1vc.cloudfront.net
1	js-sec.indexww.com	dm0le9ta2f1vc.cloudfront.net
1	public.servenobid.com	dm0le9ta2f1vc.cloudfront.net
1	rtb.openx.net	3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
1	s.uuidksinc.net	1 redirects
1	fksnk.com	1 redirects
1	cms.quantserve.com	3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
1	www.google.com	www.turtlediary.com
1	ins.connatix.com	cd.connatix.com
1	capi.connatix.com	cd.connatix.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	adservice.google.com	dm0le9ta2f1vc.cloudfront.net
1	adservice.google.de	dm0le9ta2f1vc.cloudfront.net
1	partner.googleadservices.com	dm0le9ta2f1vc.cloudfront.net
1	cdn.id5-sync.com	dm0le9ta2f1vc.cloudfront.net
1	secure.cdn.fastclick.net	dm0le9ta2f1vc.cloudfront.net
1	hbopenbid.pubmatic.com	qd.admetricspro.com
1	tag.1rx.io	qd.admetricspro.com
1	htlb.casalemedia.com	qd.admetricspro.com
1	hb.yellowblue.io	qd.admetricspro.com
1	web.hb.ad.cpe.dotomi.com	qd.admetricspro.com
1	tlx.3lift.com	qd.admetricspro.com
1	mp.4dex.io	qd.admetricspro.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cd.connatix.com	1 redirects
1	ajax.googleapis.com	www.turtlediary.com
1	dm0le9ta2f1vc.cloudfront.net	www.turtlediary.com
1	turtlediary.com	1 redirects
0	um.wbtrk.net Failed	3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
0	imasdk.googleapis.com Failed	www.turtlediary.com
0	capi-tier-2-us-east-2.connatix.com Failed	cd.connatix.com
0	code.jquery.com Failed	www.turtlediary.com
244	114

This site contains no links.

Subject Issuer	Validity	Valid
*.turtlediary.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-01` - `2022-12-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-11` - `2023-07-10`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2022-08-07` - `2022-11-05`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.yellowblue.io Amazon	`2022-04-23` - `2023-05-22`	a year	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.consumableaudio.com R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
ads.servenobid.com Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.servenobid.com Amazon	`2022-02-06` - `2023-03-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
sync.serverbid.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.turtlediary.com/
Frame ID: 0D7D5719E7DCA05FFABE41AB95AC8ECD
Requests: 115 HTTP requests in this frame

Frame: https://cds.connatix.com/p/178828/connatix.player.dc.js
Frame ID: 5D3FADCC13827ABBFE37DB9DB29E5836
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220825/r20190131/zrt_lookup.html
Frame ID: 41E81068220D7A790EC6FA0C10596162
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-0516794783272595&output=html&adk=1812271804&adf=3025194257&lmt=1661859360&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.turtlediary.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661859360370&bpp=6&bdt=731&idt=255&shv=r20220825&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3493811586140&frm=20&pv=2&ga_vid=961022126.1661859361&ga_sid=1661859361&ga_hid=3149586&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C21066428&oid=2&pvsid=3629225544511929&tmod=1569497056&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331
Frame ID: 184CF4F09D0A13154C9E867AB9D9CD57
Requests: 1 HTTP requests in this frame

Frame: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F16BE0713722257606C9BD1FFD5DF4E4
Requests: 1 HTTP requests in this frame

Frame: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C1CB57162E2A72211DB5CF4A5361644C
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5CFE34112EB8911E4B54647110EFFC9E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8CE0F587AD5A5B21A4FB257470A7E331
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OjkVMSBLCKffYYJCcR1sndQZ2h8-FW78sMeE84aZbRQ.js
Frame ID: 0233D3AA5F373381C0FE2F77E68694D1
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 06850D678AC851F430FC74EDDFD4C0E5
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FE0DB30DD61E24E2B8EC18D03D3BC6FA
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000891.html
Frame ID: 0CC3F84347E334C63D1FE52ED388A2F9
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 1571F6C400218F054E25DE7E956DB389
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 23B79DF2C1CB20FAE612DC025C385B94
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 4FD269BCC9316F4CB307C729D900A2FE
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 1B10A88A5B8D66727602AF04F943B955
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: C41F4118E3D3DDBA5A99A8CDB348BBB6
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: F988A618DD031FB371D98B40FD20C85A
Requests: 6 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 02701AFE81184B3771202350B0939B21
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 67299D600C3CF032CCC9634776EFEF3D
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Frame ID: B3BD8790D47117AC256B9760771416AF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 5E368F24C9E1353FB436EC4E85AA032D
Requests: 1 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 22B05A442395636D41CC864E0E35F094
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=6f44630d-f627-4c00-9fff-aa55b725371c&gdpr=0&gdpr_consent=
Frame ID: 83EEAEAB888405B99A51B21278CB636D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Yw32JgAKNDhbOABC&gdpr=0&gdpr_consent=&_test=Yw32JgAKNDhbOABC
Frame ID: 4429D1167437CDECECC61606EEE14FA6
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZDZhOGE4OS0zNDJlLTQwZTMtODJjOC00ZmQwNTYzNGI3OTE=&gdpr=0&gdpr_consent=
Frame ID: A1E173D80D1C2849DB8D956F0E6D1FF1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 0F2526372931B38C21186F12E4DB28D7
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 0CC1D7AB23D084989CA95B91A6AA59F4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=50711754162459423brt50801661859366508559f1
Frame ID: 196AEE95788CF33B30177D39629A926E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Yw32JsCo8X0AAMRCFnIAAAAA
Frame ID: 379907507DF6005CD1822E261EAB738B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Yw32Jv8Bq1LdL.qE.D5HswAA%265135
Frame ID: EB2B9092D160BAC849701FCC6BFFEF03
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=kLM4dvYWRxcyUjIDYyJA&pi=gumgum&tc=1
Frame ID: B73946E0E09D5D91105D93CF7FAC481F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: DDBCDB244A34B609B9EE37E6D2268C9C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://turtlediary.com/ HTTP 301
https://www.turtlediary.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

244
Requests

80 %
HTTPS

24 %
IPv6

72
Domains

114
Subdomains

74
IPs

9
Countries

2505 kB
Transfer

6755 kB
Size

77
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://turtlediary.com/ HTTP 301
https://www.turtlediary.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/178828/connatix.player.dc.js

Request Chain 146

https://fksnk.com/cs/google?google_gid=CAESEPh4IBusxZUDifnz6AmKF9Y&google_cver=1&google_push=AehlK4Ax7W4-aOEjGkGvx8_AE6r3W0SFvr5g5Gk8dgbu4Qw_TMd8I4K_D5zFUZnuA-B_O9RurbpUQ4QWl-cBRVH3Hj-UHIWh4sXN5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDQ2OERCNTY4NTA3NDVENw==

Request Chain 148

https://s.uuidksinc.net/match/47/?remote_uid=CAESEF-elem8zd47PuD2JBIgfZA&c_param1=AehlK4AVurUytG5-PcXCLLrv8QtjvNg0vs67dwCqo93ckv-hI442QJUZCGY0A3vkjMK9YBZi4-aKhv9IPtvv3Az4Pv1AUdz8RsDF&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4AVurUytG5-PcXCLLrv8QtjvNg0vs67dwCqo93ckv-hI442QJUZCGY0A3vkjMK9YBZi4-aKhv9IPtvv3Az4Pv1AUdz8RsDF

Request Chain 150

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEJ-h5wuuSbmy7X_IaiqNNMc&google_cver=1&google_push=AehlK4CTf8hXARudbj9DJeKkK-FQE2abdOterRiSFYNcmO4AiwjA2L17WkgFONMR5w-UZI0iHF9y5tXZpP1JrbX8wzZX6XnNJsO0ig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CTf8hXARudbj9DJeKkK-FQE2abdOterRiSFYNcmO4AiwjA2L17WkgFONMR5w-UZI0iHF9y5tXZpP1JrbX8wzZX6XnNJsO0ig&google_hm=WXczMkk4Q284WDBBQU1SQ0ZVb0FBQUFB

Request Chain 151

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEL9fJhX3-e1KM36s5A-JxFU&google_cver=1&google_push=AehlK4C-dK3ilL-iQFN_zoF7YoH_fhrSAiDq-rWQgUiN90-40Awf2l65izXW1mO1QjnXtfrelSFswB0HcpCk86U6GbRiqr21oBDszQ HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEL9fJhX3-e1KM36s5A-JxFU&google_push=AehlK4C-dK3ilL-iQFN_zoF7YoH_fhrSAiDq-rWQgUiN90-40Awf2l65izXW1mO1QjnXtfrelSFswB0HcpCk86U6GbRiqr21oBDszQ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4C-dK3ilL-iQFN_zoF7YoH_fhrSAiDq-rWQgUiN90-40Awf2l65izXW1mO1QjnXtfrelSFswB0HcpCk86U6GbRiqr21oBDszQ&google_hm=cVpnYWRzRHdZb18yb3Fsc2t0RzQ= HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5

Request Chain 163

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 164

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 166

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=50711754162459423

Request Chain 167

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=FO24pBZH6xtvluSYRCK66vHq

Request Chain 169

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYjc4ZWQ1YjItYmVhNy00M2E0LTk4NGMtZmQzNDlhYTFhMGQ0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0zMFQxMTozNjowNi43NDQ3NloifQ==

Request Chain 170

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1661859366416 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6436506920

Request Chain 171

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5142336719710155790

Request Chain 173

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=7c7c2717-ce4a-4c61-9992-0b5cc4ab0123&gdpr=0&gdpr_consent=&us_privacy=1YN-

Request Chain 174

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-Rr0egXNE2uH5CNZdSio.Zx7EgGs_q2Lr0lBj.wc-~A

Request Chain 175

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0yZTUyOTJjOC0xZDc2LTNlZGUtODkzZC00ODE5NWRkY2NlYzEqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMmU1MjkyYzgtMWQ3Ni0zZWRlLTg5M2QtNDgxOTVkZGNjZWMxMgIGEjgB%26buyeruid%3D HTTP 302
https://ssp.disqus.com/match?bidder=6&r=Cid1YS0yZTUyOTJjOC0xZDc2LTNlZGUtODkzZC00ODE5NWRkY2NlYzEqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMmU1MjkyYzgtMWQ3Ni0zZWRlLTg5M2QtNDgxOTVkZGNjZWMxMgIGEjgB&buyeruid=2a0554e7-627d-4d20-b5ab-d452df2bf16c&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yZTUyOTJjOC0xZDc2LTNlZGUtODkzZC00ODE5NWRkY2NlYzEqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMmU1MjkyYzgtMWQ3Ni0zZWRlLTg5M2QtNDgxOTVkZGNjZWMxMgIGEjgC

Request Chain 176

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-Rr0egXNE2uH5CNZdSio.Zx7EgGs_q2Lr0lBj.wc-~A

Request Chain 180

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FO24pBZH6xtvluSYRCK66vHq

Request Chain 182

https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322322947701753

Request Chain 183

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yw32Jv8Bq1LdL.qE.D5HswAA%265135

Request Chain 184

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=50711754162459423

Request Chain 186

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

Request Chain 187

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 189

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=50711754162459423

Request Chain 190

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2d6a8a89-342e-40e3-82c8-4fd05634b791&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2d6a8a89-342e-40e3-82c8-4fd05634b791&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ca95b234-7d8d-460b-98f0-63c290e6bfd2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=ca95b234-7d8d-460b-98f0-63c290e6bfd2 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=ca95b234-7d8d-460b-98f0-63c290e6bfd2

Request Chain 191

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%281SrUa1wfyxU1r1j5fHwP-oGprVN0u_eicyAO1WZO93DOf4OPV4akU7i7lObd4xX6%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%281SrUa1wfyxU1r1j5fHwP-oGprVN0u_eicyAO1WZO93DOf4OPV4akU7i7lObd4xX6%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_2d6a8a89-342e-40e3-82c8-4fd05634b791&obuid=ENC(1SrUa1wfyxU1r1j5fHwP-oGprVN0u_eicyAO1WZO93DOf4OPV4akU7i7lObd4xX6) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=kLM4dvYWRxcyUjIDYyJA&pi=outbrain

Request Chain 192

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=ea6f2dca-4063-4719-93a4-97aad3ee151e

Request Chain 193

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-1c406ebe-fe00-4789-4deb-d6edbb04d066$ip$193.27.14.21

Request Chain 194

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-xJKCM91E2pero_w34Yw2riQSZ9egxD6rrX4l~A

Request Chain 195

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=9b226f8f-4cc0-4346-92e2-302f2f850fde

Request Chain 198

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2d6a8a89-342e-40e3-82c8-4fd05634b791&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=qZgadsDwYo_2oqlsktG4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24K2M5QWI42EO5MW6XZSN5YWY43LORDTIJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24K2M5QWI42EO5MW6XZSN5YWY43LORDTIJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=qZgadsDwYo_2oqlsktG4&us_privacy=1---

Request Chain 199

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=04f9c826-ea95-402f-9735-74085eefe9a6

Request Chain 200

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8476832798

Request Chain 201

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=hg47PwVMY0fM&ev=1&pid=558355

Request Chain 202

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=3255878002942032043

Request Chain 204

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=6f44630d-f627-4c00-9fff-aa55b725371c&gdpr=0&gdpr_consent=

Request Chain 205

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yw32JgAKNDhbOABC HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=Yw32JgAKNDhbOABC&gdpr=0&gdpr_consent=&_test=Yw32JgAKNDhbOABC

Request Chain 209

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=50711754162459423&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
https://usersync.gumgum.com/usersync?b=emx&i=50711754162459423brt50801661859366508559f1

Request Chain 210

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=Yw32JsCo8X0AAMRCFnIAAAAA

Request Chain 211

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=iex&i=Yw32Jv8Bq1LdL.qE.D5HswAA%265135

Request Chain 212

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=kLM4dvYWRxcyUjIDYyJA&pi=gumgum&tc=1

Request Chain 213

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 215

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yw32Jti5Yq9oyb.Glqj9ggAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYKuxqUf3rhbMJht5N5y7c&google_cver=1&gdpr=1&google_hm=2

Request Chain 217

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Ju-nxkvK5wzREW4zVQAABLsAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Ju-nxkvK5wzREW4zVQAABLsAAAIB&dcc=t

Request Chain 218

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f17f630d-f627-4100-a862-f297629c55a1&gdpr=1&gdpr_consent=

Request Chain 221

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Yw32JgAKN7y6mAAK HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yw32JgAKN7y6mAAK&gdpr=1&_test=Yw32JgAKN7y6mAAK

Request Chain 224

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Jti5Yq9oyb-Glqj9ggAABKwAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Jti5Yq9oyb-Glqj9ggAABKwAAAIB&dcc=t

Request Chain 225

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yw32Jv8Bq1LdL.qE.D5HswAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYKuxqUf3rhbMJht5N5y7c&google_cver=1&gdpr=1&google_hm=2

Request Chain 227

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a83a2f5e-ae6c-46dd-8232-f58703962902&expiration=1693395366

Request Chain 228

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=qZgadsDwYo_2oqlsktG4&gdpr=1

Request Chain 229

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=feef4ff1-2370-451f-be4b-7fa7c6a3ed5b

Request Chain 240

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7137631627541936277&gdpr=0&gdpr_consent=

Request Chain 241

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3255878002942032043&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3255878002942032043&gdpr=0&gdpr_consent=&dcc=t

244 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.turtlediary.com/
Redirect Chain

http://turtlediary.com/
https://www.turtlediary.com/

226 KB
47 KB

444ms
351ms

Document
text/html

152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.20.123 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

84655379562b78b8ceaad516ea420fd1a7fa635689478374b493302fbed0ffde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Accept, Authorization, Origin, Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=10800
content-encoding: gzip
content-length: 47896
content-type: text/html; charset=utf-8
date: Tue, 30 Aug 2022 11:35:59 GMT
ec-re-ver: 3.1.4
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.2.15 (CentOS)
server-host: w2
vary: Accept-Encoding,User-Agent,Accept-Language
x-frame-options: SAMEORIGIN
x-mod-pagespeed: 1.13.35.2-0

Redirect headers

Content-Length: 317
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 30 Aug 2022 11:35:59 GMT
Location: https://www.turtlediary.com/
Server: Apache/2.2.15 (CentOS)

GET
H2 200 A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
www.turtlediary.com/min/ 270 KB
270 KB 312ms
310ms Stylesheet
text/css 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.20.123 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

f9a10012eb69419243defffa007806bdfe0ae259bc68394458ea6bcfdf806c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:35:59 GMT
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 276239
ec-re-ver: 3.1.4
last-modified: Wed, 22 Jun 2022 09:19:45 GMT
server: Apache/2.2.15 (CentOS)
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent,Accept-Language
cache-control: max-age=300,private
access-control-allow-headers: Accept, Authorization, Origin, Content-Type
expires: Tue, 30 Aug 2022 11:40:59 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 67ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Dosis:wght@200;300;400;500;600;700;800&display=swap&v=?ver=77.37

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74f43d2382f98d0dc87ca776afb2223d2df5d11e7ed7bc4e41dfc700c263b6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 11:25:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 11:35:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 11:35:59 GMT

GET
H2 200 script.js Show response
dm0le9ta2f1vc.cloudfront.net/ 122 KB
42 KB 95ms
24ms Script
application/javascript 2600:9000:223f:7400:1:efdc:4e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7400:1:efdc:4e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 505fbdd965819f7e704b5749476d6ff9373347a21684ee7fd43b41406ba95ee3

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Aug 2022 11:30:08 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 11:19:25 GMT
server: AmazonS3
age: 352
etag: W/"ad37b852a5e5d2d3f76489a23610d145"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: XnswGHrYOw-ZoDVn-x5EULIPAQjh9TkUwQ8HXRZwzD3zt6iuZtUA8Q==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 77ms
28ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfdf39f9929a41d5c797c60c9f2c5d4d1361d7f522336a7fff5171351e8c06ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Aug 2022 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28523
x-xss-protection: 0
server: sffe
etag: "1318 / 931 of 1000 / last-modified: 1661858818"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Aug 2022 11:35:59 GMT

GET
H2 200 home-layout.js Show response
qd.admetricspro.com/js/turtlediary/ 12 KB
3 KB 259ms
183ms Script
application/javascript 2606:4700:20::681a:6da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/turtlediary/home-layout.js
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b886a752090d608a97e591463d5d26c58c9871ae59eec813e86fb8b2e0f4951e

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Aug 2022 11:35:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 25 Jun 2022 03:06:22 GMT
server: cloudflare
etag: W/"2f0b-5e23cf8b6ab2f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4EEtiwe9KKAxCdMGDxHPTWTh2wXJdWCHGOHdrcY2STz6aK0tTs4MY%2BTsGpNGeZ6RWJ4rp0iOPoMigc%2B1GevgF07FQOIQ6kXRj%2BHLO13do0NhAUy6dEzaA7PvQwSc0EYreN2pKHgt6K6O1cPe817fs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 742d39e678d3bb09-MXP
expires: Tue, 30 Aug 2022 11:40:22 GMT

GET
H2 200 cmp.js Show response
qd.admetricspro.com/js/turtlediary/ 310 KB
90 KB 290ms
214ms Script
application/javascript 2606:4700:20::681a:6da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/turtlediary/cmp.js
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Aug 2022 11:35:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jun 2021 14:47:10 GMT
server: cloudflare
etag: W/"4d957-5c3b56abf6028-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtChAJBr0o1YJH%2BAF7QD8VKIKzLtCMaDCyTqjI6ricD5JF21ytqAS7wQr9wnrj6GsA9ZrHgACPmUBagW0ipPXVWK2b%2ByZvuoPIyMCJJYbx39%2Bm7Dg8j%2Bts38E44FUZKOJ6ZnHMEFKpMrhsdtNT9Bk1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 742d39e688d8bb09-MXP
expires: Tue, 30 Aug 2022 11:43:32 GMT

GET
H2 200 prebid.js Show response
qd.admetricspro.com/js/turtlediary/ 459 KB
131 KB 264ms
188ms Script
application/javascript 2606:4700:20::681a:6da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7e2f2daef118825ab8bb58bc3cd9dbb3c83cb84772a08f6c5758d706fef173

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Aug 2022 11:35:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 16:56:40 GMT
server: cloudflare
etag: W/"72c32-5de0a46b45676-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4tSAHPokbPVzf1FzTZT5tRJ5iMXEHKnE3D3S3TFUHNKukudKF3WvA%2BMpbFdgifOHOLjZNw7ENmB%2BJqEMVulPBd18eWU4X8RBLc5FnHh17xuUXBddGt%2FYYxTEWGUnJ%2F8vSMBB5FK4MGNwRWoFJEay4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 742d39e688d7bb09-MXP
expires: Tue, 30 Aug 2022 11:41:29 GMT

GET
H2 200 engine.js Show response
qd.admetricspro.com/js/turtlediary/ 35 KB
11 KB 247ms
172ms Script
application/javascript 2606:4700:20::681a:6da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/turtlediary/engine.js
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Aug 2022 11:35:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jan 2022 02:31:38 GMT
server: cloudflare
etag: W/"8cae-5d64ac49b9c1c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbKkLoZBPPNU9JFSLwRnNJP2pbXhXvIzkfgSSvtdoUMDmkHqlGeXPSg%2Bpq3p5x5AZ5LDXK19NeYKiwx09Ftu%2FaEIp8Z9a%2F2qKVsWNWNREWTgTEyG5QiZXoQBQnrD6Hiq9dm8F3yic1e5LJw55RndQTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 742d39e678d5bb09-MXP
expires: Tue, 30 Aug 2022 11:38:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 162ms
105ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99ff24f75b4bfc2b9efa57f859eb63434ffc42ca2d5f6253ef60d14f72043ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57380
x-xss-protection: 0
server: cafe
etag: 15461740378353341512
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 11:36:00 GMT

GET
H2 200 td-logo-3.webp
cdn.turtlediary.com/homepage/ 3 KB
3 KB 58ms
17ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/td-logo-3.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2FC) /
Resource Hash: bad4155111cfa8d146fe8dcdcf3935651d730dfd8fc67550c14f8ae8fe41bb69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:55:06 GMT
server: ECAcc (frd/E2FC)
age: 329049
etag: "b36-58e7d951160d4"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2870
ec-re-ver: 3.1.4

GET
H2 200 assignment.webp
cdn.turtlediary.com/homepage/ 2 KB
2 KB 62ms
21ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/assignment.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2BE) /
Resource Hash: f4a9c7e802b59da407d928f885788fca893d1e025169c9c2e32806143c23fdc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Tue, 21 Jan 2020 05:49:50 GMT
server: ECAcc (frd/E2BE)
age: 1265151
etag: "8e0-59c9ff9e7bb80"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2272
ec-re-ver: 3.1.4

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 88ms
14ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 11:13:55 GMT

GET
H2 200 positionscroll2.js Show response
www.turtlediary.com/js/ 9 KB
3 KB 403ms
402ms Script
text/javascript 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turtlediary.com/js/positionscroll2.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.20.123 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

9c5eab6657a64c3738f572154f23d884c4d15da744a4eea7f6cc0d4a942d2bd9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent,Accept-Language
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2711
ec-re-ver: 3.1.4
last-modified: Fri, 01 Apr 2022 14:51:05 GMT
server: Apache/2.2.15 (CentOS)
etag: "c41a5-248c-5db98e87a0673"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Origin, Content-Type
expires: Thu, 29 Sep 2022 11:36:00 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 128ms
61ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9479026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1541
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTUDDSpMCTThwIF50k1ThuJoSLOMbAInIqWqSBZANlzXuLfZlDoM5uJnudZ6Tmjn8p2BuKY3%2BMyGKJLzAfq%2FPldzaD1aANQ2OriNNclBaTM9XrGjSHzL9YQOD0Bk%2B8%2F6VKOk3SPMXTk3m0pWmfUG3boP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 742d39e95fb723c7-ZRH
expires: Sun, 20 Aug 2023 11:36:00 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/ 84 KB
27 KB 126ms
60ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2739374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27139
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0SObZS8w%2Bh%2FqLbajFLM%2BWLKz7IBCM5nzlKqnv5YafWJfd%2By%2BE4B%2FKBv7u1JZz9IbH5nV1Hy9ocfF%2F%2BNiuijE8KFUbTLh5SW%2BbHFhjUGxmY%2FP2n2NiIF6VvfyHiQrDlmRlyqA2%2BClMcbpK1LSqsV6DtY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 742d39e95fba23c7-ZRH
expires: Sun, 20 Aug 2023 11:36:00 GMT

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 129ms
63ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 574786
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1399
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDtvou4AIEmwnqbYOiPYYARFQlnCnIyExCSGaIf8oAF0FkvC8qAYa8%2ByFK5wWwZOLs5Yb5TyEq73y5izjfxlcZXTBWNzwJjt%2FGo73xRF4jOEcGD2TBUh5nYtRNll3SVd1pKzcZdFpPyYgrq7h9hGinmd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 742d39e95fbc23c7-ZRH
expires: Sun, 20 Aug 2023 11:36:00 GMT

GET
H2 200 adv-rt-img.webp
cdn.turtlediary.com/homepage/ 6 KB
6 KB 60ms
19ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/adv-rt-img.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E28F) /
Resource Hash: c561d7fffec8bd07961d6d60c7be2d27f6898d162b603329254f6dcef7394d53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:55:19 GMT
server: ECAcc (frd/E28F)
age: 619970
etag: "17d0-58e7d95de69b0"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6096
ec-re-ver: 3.1.4

GET
H2 200 adv-lft-img.webp
cdn.turtlediary.com/homepage/ 6 KB
6 KB 57ms
18ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/adv-lft-img.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2A9) /
Resource Hash: 35981b6766cb407cfcff7271ceff3057e9ad15da9a56bf9cac2dfe5bb9f5cf47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:55:06 GMT
server: ECAcc (frd/E2A9)
age: 883380
etag: "19a8-58e7d950f3df4"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6568
ec-re-ver: 3.1.4

GET
H2 200 ball-fall.webp
cdn.turtlediary.com/games/span/ 2 KB
2 KB 20ms
17ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/ball-fall.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E314) /
Resource Hash: ea63f459f94ada608a16ba2f78f60ff25369c53ea9ec652068a10fd508045be2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Mon, 01 Aug 2022 09:16:41 GMT
server: ECAcc (frd/E314)
age: 2513189
etag: "84a-5e52a752fb040"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2122
ec-re-ver: 3.1.4

GET
H2 200 plyThumbOn.webp
cdn.turtlediary.com/homepage/ 940 B
1017 B 19ms
16ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/plyThumbOn.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2CD) /
Resource Hash: a5ee1ee672866c689ca31e8c8ed157d602f67f0e25125cadebff402152a5f0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:55:06 GMT
server: ECAcc (frd/E2CD)
age: 2127870
etag: "3ac-58e7d950f16e4"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 940
ec-re-ver: 3.1.4

GET
H2 200 box-size.webp
cdn.turtlediary.com/games/span/ 1 KB
1 KB 34ms
26ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/box-size.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E312) /
Resource Hash: 7479d4ef40ffd56d5fa5dce55e300b60785d624df0f763a780f82002b3483d9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Mon, 01 Aug 2022 09:16:45 GMT
server: ECAcc (frd/E312)
age: 2513189
etag: "4ae-5e52a756cb940"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1198
ec-re-ver: 3.1.4

GET
H2 200 bridge-down.webp
cdn.turtlediary.com/games/span/ 2 KB
2 KB 55ms
43ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/bridge-down.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E319) /
Resource Hash: eed80dfe398c646f792fa412f76ba7a538d1b784c851b5aaddd07a9fe948eb01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Mon, 01 Aug 2022 09:16:49 GMT
server: ECAcc (frd/E319)
age: 2513188
etag: "6a0-5e52a75a9c240"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1696
ec-re-ver: 3.1.4

GET
H2 200 circle-collector.webp
cdn.turtlediary.com/games/span/ 5 KB
5 KB 38ms
37ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/circle-collector.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E288) /
Resource Hash: 5ab5df89c99435090a4fc5b31ac41d5d520deafabc93a2c20f1d4bc7034042b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Mon, 01 Aug 2022 11:10:16 GMT
server: ECAcc (frd/E288)
age: 2505598
etag: "1240-5e52c0b645600"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4672
ec-re-ver: 3.1.4

GET
H2 200 circle-platform.webp
cdn.turtlediary.com/games/span/ 7 KB
7 KB 39ms
39ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/circle-platform.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E29B) /
Resource Hash: 59617143549980e1251db4886467b59693549fdfee7fb6e63490c4fd3485ce02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Mon, 01 Aug 2022 11:09:58 GMT
server: ECAcc (frd/E29B)
age: 2505551
etag: "1c40-5e52c0a51ad80"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7232
ec-re-ver: 3.1.4

GET
H2 200 color-dots.webp
cdn.turtlediary.com/games/span/ 5 KB
5 KB 67ms
21ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/color-dots.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E30E) /
Resource Hash: 6279b0a9b0b726dea78e23ea4489a5454b243f9f5520169cee39b9a424cc8ccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Mon, 01 Aug 2022 11:09:56 GMT
server: ECAcc (frd/E30E)
age: 2505551
etag: "1458-5e52c0a332900"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
ec-re-ver: 3.1.4

GET
H2 200 color-plates.webp
cdn.turtlediary.com/games/span/ 7 KB
7 KB 25ms
19ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/color-plates.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2FE) /
Resource Hash: fb0804bac34ff93677c0caf83c0b156f58e81b5958d50756f2c065da6e8b237f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Mon, 01 Aug 2022 11:09:28 GMT
server: ECAcc (frd/E2FE)
age: 2505551
etag: "1c60-5e52c0887ea00"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7264
ec-re-ver: 3.1.4

GET
H2 200 colored-water-and-pin.webp
cdn.turtlediary.com/games/span/ 10 KB
10 KB 27ms
21ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/colored-water-and-pin.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2DD) /
Resource Hash: a9ffbab2d89c48fa501a00c4ca9cbd4ec46eb3fb2c3db797a053425d890feed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Mon, 01 Aug 2022 11:09:30 GMT
server: ECAcc (frd/E2DD)
age: 2505551
etag: "281e-5e52c08a66e80"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10270
ec-re-ver: 3.1.4

GET
H2 200 car-race-multiplayer-th.webp
cdn.turtlediary.com/games/span/ 5 KB
5 KB 30ms
24ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/car-race-multiplayer-th.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F9) /
Resource Hash: d2531c060499a31d29528942642ecaf731ca7d26f8c2ffe3b9aba20f79a51419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:57:44 GMT
server: ECAcc (frd/E2F9)
age: 939129
etag: "1450-58e7d9e803bf4"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5200
ec-re-ver: 3.1.4

GET
H2 200 climbing-stickman-multiplayer.webp
cdn.turtlediary.com/games/span/ 7 KB
7 KB 28ms
22ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/climbing-stickman-multiplayer.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2B9) /
Resource Hash: 334416c325a77993e33c282928a7f6b05d28c54ed5aaebfc9fd1614008c81ab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:58:30 GMT
server: ECAcc (frd/E2B9)
age: 2280625
etag: "1c92-58e7da137d6c0"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7314
ec-re-ver: 3.1.4

GET
H2 200 preschool-color-by-number.webp
cdn.turtlediary.com/games/span/ 4 KB
4 KB 37ms
32ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/preschool-color-by-number.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E288) /
Resource Hash: 781a26644f200441299dd3f071392c63fcf15cab6a77f699936866a2b9d6c883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:59:02 GMT
server: ECAcc (frd/E288)
age: 839861
etag: "109c-58e7da31bc578"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4252
ec-re-ver: 3.1.4

GET
H2 200 candy-typing.webp
cdn.turtlediary.com/games/span/ 4 KB
4 KB 20ms
19ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/candy-typing.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2B2) /
Resource Hash: 5871778f6ee047af0d2aa445d97b568e374fab1f88da69e5f1041939f3474fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:58:30 GMT
server: ECAcc (frd/E2B2)
age: 595810
etag: "10b4-58e7da1387ad0"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4276
ec-re-ver: 3.1.4

GET
H2 200 balloon-typing.webp
cdn.turtlediary.com/games/span/ 3 KB
3 KB 21ms
20ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/balloon-typing.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F9) /
Resource Hash: 4bb3c40a43446eab98cb29c3b7981dee8aa8be1be445fdcbf2e50067e39e6875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:58:48 GMT
server: ECAcc (frd/E2F9)
age: 242183
etag: "b14-58e7da249b038"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2836
ec-re-ver: 3.1.4

GET
H2 200 basketball.webp
cdn.turtlediary.com/games/span/ 5 KB
5 KB 22ms
22ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/basketball.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2FC) /
Resource Hash: dfb95277447e40b12c0841ece47ecc7b56e0e596e2ba986c31fb09db7d76c844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:57:41 GMT
server: ECAcc (frd/E2FC)
age: 106656
etag: "1506-58e7d9e4ad7fc"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5382
ec-re-ver: 3.1.4

GET
H2 200 typing-race-beginner.webp
cdn.turtlediary.com/games/span/ 4 KB
4 KB 22ms
21ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/typing-race-beginner.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2CB) /
Resource Hash: bfff50bcb36b80b74e247520c693eb6fb98acf98846ec881bee58f40621bad04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 09:00:05 GMT
server: ECAcc (frd/E2CB)
age: 329668
etag: "f88-58e7da6e4bf50"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3976
ec-re-ver: 3.1.4

GET
H2 200 ninja-car-race-multiplayer.webp
cdn.turtlediary.com/games/span/ 4 KB
4 KB 23ms
22ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/games/span/ninja-car-race-multiplayer.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2B4) /
Resource Hash: 92033b58253abb0529325a307ee85442a1fdea546a274288480595391784a510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:58:53 GMT
server: ECAcc (frd/E2B4)
age: 1570338
etag: "e96-58e7da294f9a8"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3734
ec-re-ver: 3.1.4

GET
H2 200 td-logo.webp
cdn.turtlediary.com/homepage/ 3 KB
3 KB 29ms
15ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/td-logo.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E299) /
Resource Hash: bf49e27fc683ba28a41f55094272531e6b8375d5c37e90392a671f5c551a2888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:55:19 GMT
server: ECAcc (frd/E299)
age: 214283
etag: "a84-58e7d95da9920"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2692
ec-re-ver: 3.1.4

GET
H2 200 xleading-educators.webp
cdn.turtlediary.com/homepage/ 3 KB
3 KB 28ms
22ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/xleading-educators.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2B8) /
Resource Hash: 8c51666dc597f3c00d8b96c9cdcea12f28b4add101103868b0df81fbaa0b069f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Fri, 05 Jul 2019 07:16:05 GMT
server: ECAcc (frd/E2B8)
age: 2592281
etag: "c0c-58ce9de18f740"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3084
ec-re-ver: 3.1.4

GET
H2 200 gw-kids.webp
cdn.turtlediary.com/homepage/ 2 KB
3 KB 26ms
19ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/gw-kids.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2AC) /
Resource Hash: 94250919b0ff8ec072aa2503949b2aa0d54064c771413d59f9e688f4edff260d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:55:19 GMT
server: ECAcc (frd/E2AC)
age: 1016318
etag: "9da-58e7d95de8508"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2522
ec-re-ver: 3.1.4

GET
H2 200 home-school-img.webp
cdn.turtlediary.com/homepage/ 2 KB
2 KB 24ms
18ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/home-school-img.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2A3) /
Resource Hash: fdf89d1a74034d42ce15ca995a045aa9a3dac6a12209cba90445d6a0ca2368d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:55:19 GMT
server: ECAcc (frd/E2A3)
age: 2644510
etag: "71c-58e7d95da0898"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1820
ec-re-ver: 3.1.4

GET
H2 200 ads-badge.webp
cdn.turtlediary.com/homepage/ 3 KB
3 KB 27ms
20ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/ads-badge.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2E5) /
Resource Hash: fc76ad27ec124c4daa115980a9bea11d31252e3f7a580b455e5578f90a2ef98d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Mon, 08 Nov 2021 08:52:39 GMT
server: ECAcc (frd/E2E5)
age: 586692
etag: "bd8-5d0431d72c3c0"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3032
ec-re-ver: 3.1.4

GET
H/1.1 200
OK socket.io.js Show response
nodeaws.turtlediary.com/socket.io/ 105 KB
24 KB 391ms
113ms Script
application/javascript 3.210.193.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nodeaws.turtlediary.com:3000/socket.io/socket.io.js
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.210.193.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-193-120.compute-1.amazonaws.com
Software: /
Resource Hash: 78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
ETag: "4.4.1"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: public, max-age=0
Connection: keep-alive
Keep-Alive: timeout=5

GET
H2 200 client.js Show response
www.turtlediary.com/js/html5/ 12 KB
3 KB 501ms
484ms Script
text/javascript 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turtlediary.com/js/html5/client.js?v=77.37

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.20.123 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

2b6a20a52a3fc9be588d2a7bffee058f4336e48f1582bb9177821af323888fde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent,Accept-Language
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3173
ec-re-ver: 3.1.4
last-modified: Mon, 11 Jul 2022 05:17:35 GMT
server: Apache/2.2.15 (CentOS)
etag: "c3735-2fd3-5e380ab77e6a5"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Origin, Content-Type
expires: Thu, 29 Sep 2022 11:36:00 GMT

GET jquery-3.5.1.min.js
code.jquery.com/ 0
0

GET
H2 200 custom.js Show response
www.turtlediary.com/js/ 2 KB
877 B 519ms
503ms Script
text/javascript 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turtlediary.com/js/custom.js?v=77.37

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.20.123 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

abb60e7cf9f019236835676934158d2c4ab822b64e56b9afa627bde68c0e4a5b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent,Accept-Language
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 767
ec-re-ver: 3.1.4
last-modified: Thu, 09 Dec 2021 10:48:41 GMT
server: Apache/2.2.15 (CentOS)
etag: "c3716-888-5d2b459833bb0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Origin, Content-Type
expires: Thu, 29 Sep 2022 11:36:00 GMT

GET
H2 200 ,qg=tdjs,av=77.37.pagespeed.jm.Piv806d1Hk.js Show response
www.turtlediary.com/min/ 9 KB
4 KB 35ms
19ms Script
application/x-javascript 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turtlediary.com/min/,qg=tdjs,av=77.37.pagespeed.jm.Piv806d1Hk.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.20.123 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E298) /

Resource Hash

4890ec8826894b4d58a2ac0857eacf719f4417ca54e595915fae5f0570dc2145

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-original-content-length: 9124
age: 4239252
x-cache: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3580
ec-re-ver: 3.1.4
last-modified: Tue, 12 Jul 2022 10:01:48 GMT
server: ECAcc (frd/E298)
etag: W/"0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Origin, Content-Type
expires: Wed, 30 Aug 2023 11:36:00 GMT

GET
H2 200 ,qg=jqueryjs,av=77.37.pagespeed.jm.iDyG3vc4gw.js Show response
www.turtlediary.com/min/ 94 KB
33 KB 38ms
22ms Script
application/x-javascript 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turtlediary.com/min/,qg=jqueryjs,av=77.37.pagespeed.jm.iDyG3vc4gw.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.20.123 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E29E) /

Resource Hash

0d6271f6c1c509d78ee10f14174542be0db49486fe7c23201c1b517a063f578e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-original-content-length: 95957
age: 4239251
x-cache: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33251
ec-re-ver: 3.1.4
last-modified: Tue, 12 Jul 2022 10:01:49 GMT
server: ECAcc (frd/E29E)
etag: W/"0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Origin, Content-Type
expires: Wed, 30 Aug 2023 11:36:00 GMT

GET
H2 200 ,qg==footertdjs2,av==77.37+,qg==footertdjs1,av==77.37+,qg==footertdjs3,av==77.37.pagespeed.jc.je2L0XhuHy.js Show response
www.turtlediary.com/min/ 68 KB
19 KB 35ms
20ms Script
application/javascript 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turtlediary.com/min/,qg==footertdjs2,av==77.37+,qg==footertdjs1,av==77.37+,qg==footertdjs3,av==77.37.pagespeed.jc.je2L0XhuHy.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.20.123 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E28C) /

Resource Hash

f1e15b14e81404fef6d664d9c1cbbbac696e3c7e61a91be65191197518140631

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-original-content-length: 67572
age: 4239215
x-cache: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19779
ec-re-ver: 3.1.4
last-modified: Tue, 12 Jul 2022 10:02:25 GMT
server: ECAcc (frd/E28C)
etag: W/"0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Origin, Content-Type
expires: Wed, 30 Aug 2023 11:36:00 GMT

GET
H2 200 ,qg=bootstrapjs,av=77.37.pagespeed.jm.KF2cAiimnY.js Show response
www.turtlediary.com/min/ 37 KB
10 KB 36ms
21ms Script
application/x-javascript 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turtlediary.com/min/,qg=bootstrapjs,av=77.37.pagespeed.jm.KF2cAiimnY.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.20.123 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2D5) /

Resource Hash

580862e36ae2250047584533ef0a3cedeb941bfce494888f4998ca3024a27604

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-original-content-length: 38957
age: 4239222
x-cache: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9738
ec-re-ver: 3.1.4
last-modified: Tue, 12 Jul 2022 10:02:18 GMT
server: ECAcc (frd/E2D5)
etag: W/"0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Origin, Content-Type
expires: Wed, 30 Aug 2023 11:36:00 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 110ms
103ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 149ms
108ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.turtlediary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 30 Aug 2022 11:35:59 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 pubads_impl_2022082501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
130 KB 64ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Aug 2022 10:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132254
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 08:41:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Aug 2023 10:03:03 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 212 B
767 B 97ms
53ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.turtlediary.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9094ec434576a0f54487e7576a0c577c9716ac652a76e40dcfab3637f6a4b2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 30 Aug 2022 11:35:59 GMT

GET
H2 200 vendor-list.json Show response
qd.admetricspro.com/js/cmp2/ 318 KB
42 KB 266ms
185ms XHR
application/json 2606:4700:20::681a:6da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/cmp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1030fc8851425c20e532acd288aa03d709507bcd3d55367f980d55de309ead68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 16:25:12 GMT
server: cloudflare
etag: W/"4f6fe-5de1df3ffe732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BN3sWWu%2Boc9zFOnpLE3%2Fd0QvZtvrb48VTYfaFNbGpAqANPNyGQTrSiIj%2F2Q%2BGDLP7xdD1Xvp20jplD4PJ1JotyIhOUfHmmPjShQgwBIGtHgaOmHlN4r0R2UQtK7uZ3dsmdcyO1ikRqysnzmJ9XQm%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 742d39e90e08bb2c-MXP
expires: Tue, 30 Aug 2022 11:44:34 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 161 KB
41 KB 144ms
18ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 30 Aug 2022 10:41:14 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 16:04:11 GMT
server: AmazonS3
age: 3287
etag: W/"a702d6a9b82e18143638cd1f28cbb7a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-C1
content-encoding: gzip
x-amz-cf-id: QG47Y5MTTn-JfqJicDqiX8WLc4-_-M9uSAf9Gexs6sTR5GbBibmLwA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 62ms
15ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2040
date: Tue, 30 Aug 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Aug 2022 13:02:00 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/178828/ Frame 5D3F
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/178828/connatix.player.dc.js

1000 KB
228 KB

70ms
25ms

Script
application/javascript

151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/178828/connatix.player.dc.js
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 50696977642f55d63c9abe745bb931ceb1f132242accd9afc4249f340302883d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: br
last-modified: Tue, 30 Aug 2022 08:43:29 GMT
age: 5744
etag: "76eede0894306212b117b6a6aec963ab"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 232810

Redirect headers

location: https://cds.connatix.com/p/178828/connatix.player.dc.js
date: Tue, 30 Aug 2022 11:36:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 fontawesome-webfont.woff2
www.turtlediary.com/fonts/new/ 65 KB
65 KB 19ms
18ms Font
application/octet-stream 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turtlediary.com/fonts/new/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.20.123 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2B7) /

Resource Hash

4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Origin: https://www.turtlediary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 738625
x-cache: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66625
ec-re-ver: 3.1.4
last-modified: Tue, 03 Apr 2018 10:50:32 GMT
server: ECAcc (frd/E2B7)
etag: "165fc9-10440-568ef79bbb10d"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Origin, Content-Type
expires: Thu, 29 Sep 2022 11:36:00 GMT

GET
H2 200 HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v27/ 29 KB
29 KB 118ms
18ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Dosis:wght@200;300;400;500;600;700;800&display=swap&v=?ver=77.37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.turtlediary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 09:40:37 GMT
x-content-type-options: nosniff
age: 93323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29436
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 09:40:37 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/ 343 KB
121 KB 109ms
75ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0516794783272595&plah=www.turtlediary.com

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

953eff9ab0eb40b8c203e6aaf624ffb713a696b07d611ad7fa78d4373d55308d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123440
x-xss-protection: 0
server: cafe
etag: 9460423852441960388
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 11:36:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220825/r20190131/ Frame 41E8 10 KB
5 KB 109ms
18ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220825/r20190131/zrt_lookup.html

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.turtlediary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 21:50:13 GMT
etag: 8616628553774171045
expires: Mon, 12 Sep 2022 21:50:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 135ms
23ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.turtlediary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.turtlediary.com
access-control-max-age: 600
age: 0
content-length: 0
date: Tue, 30 Aug 2022 11:36:00 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 134ms
22ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.turtlediary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.turtlediary.com
access-control-max-age: 600
age: 0
content-length: 0
date: Tue, 30 Aug 2022 11:36:00 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 134ms
22ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.turtlediary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.turtlediary.com
access-control-max-age: 600
age: 0
content-length: 0
date: Tue, 30 Aug 2022 11:36:00 GMT
server: ATS/9.1.10.25

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
937 B 133ms
49ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1895767
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAz0ugC4QbWl9FWPh0clbcGg1R%2FlIQF7ngoU9l8b3qwN8%2FDn0Q72r8AACBdUK2TspGwjijGzLUsW84GR8YYIJ51AcxYVOUYqTqrsgLq9z4q56WLSOLoFEJHLMwcSg0a1cLMit9ytsVneU7Pn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 742d39eb5840e907-MXP

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
945 B 143ms
64ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4636f9de97f8fb6bb4b047765bc28efe8baf9e8fee333f78b127c543816818d6

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Process Shapings. Seat shared_indexexchange: No adunits with mapping rule and shaping, Process Shapings. Seat shared_drbanner: No adunits with mapping rule and shaping, Process Shapings. Seat shared_improvedigital: No adunits with mapping rule and shaping, Process Shapings. Seat shared_pubmatic: No adunits with mapping rule and shaping, Process Shapings. Seat shared_rubicon: No adunits with mapping rule and shaping, Process Shapings. Seat shared_33across: No adunits with mapping rule and shaping
content-encoding: gzip
x-err: Shapings: no adunits with size and seat and mapping
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.turtlediary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 742d39eb78b0020d-ZRH
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
558 B 71ms
18ms XHR
application/json 3.72.120.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.22.0&referrer=https%3A%2F%2Fwww.turtlediary.com%2F&tmax=1000&gdpr=false

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.72.120.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-120-129.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:00 GMT
accept-ch: sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
x-auction-status: 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.turtlediary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
300 B 57ms
24ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d30c6e1404518a06afa28827e3a6e8b0366bcf81b04a3c92215a04092b303bd2

Request headers

Referer: https://www.turtlediary.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.turtlediary.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 61ms
25ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fbb90307b405341490aac22199b3cb709ba27d6659a83d18c8bf42ccb912a29a

Request headers

Referer: https://www.turtlediary.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.turtlediary.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 86ms
52ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 48b35b7bd62aa098dcccdcd0323caf2ae8ca0273ac6ae80e62a86bf0103e2a84

Request headers

Referer: https://www.turtlediary.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.turtlediary.com
access-control-allow-credentials: true
content-length: 66

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
648 B 153ms
37ms XHR
application/json 72.251.249.14
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.22.0
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 32bd2356e4f658c4e1709bb7bade6927b655e4c3feb635538673d38b97e0059b

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 30 Aug 2022 11:36:00 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.turtlediary.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
161 B 144ms
21ms XHR
text/plain 52.59.71.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.71.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-71-86.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.turtlediary.com
date: Tue, 30 Aug 2022 11:36:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
160 B 145ms
22ms XHR
text/plain 52.59.71.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.71.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-71-86.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.turtlediary.com
date: Tue, 30 Aug 2022 11:36:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
160 B 144ms
22ms XHR
text/plain 52.59.71.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.71.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-71-86.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.turtlediary.com
date: Tue, 30 Aug 2022 11:36:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 387 B
575 B 170ms
22ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2035db0b019a7673dcaaf2c423ee7f2164d1bd54d71d69c85ad13a7b738ee136

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:00 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.turtlediary.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 387
expires: 0

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
414 B 352ms
110ms XHR
application/json 52.204.206.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.206.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-206-216.compute-1.amazonaws.com
Software: /
Resource Hash: a434845061ab9f9342679399368a6b04a447068acfa407e8a6e316ee71a9e15c

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.turtlediary.com
x-reason: maxmind hosting provider
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
280 B 126ms
42ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.turtlediary.com
date: Tue, 30 Aug 2022 11:36:00 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 14
vary: origin, Accept-Encoding

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
392 B 444ms
129ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.turtlediary.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
641 B 117ms
39ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=256365&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223780577b6e9f84%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.turtlediary.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.turtlediary.com%2F%22%2C%22domain%22%3A%22turtlediary.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22turtlediary.com%22%7D%2C%22keywords%22%3A%22freeeducationalgames%2Ckidseducationalgames%2Conlineeducationalgamesforkids%2Ceducationgamesonline%2Ceducationalcomputergamesforkids%2Ceducationalgamesforkidsonline%2Ckidseducationalvideos%2Cinteractiveeducationalgames%2Ckidslearninggames%2Cfreeonlinelearninggames%2Cfreekidslearninggames%2Cgudli%2Ccookiegames%2Ccookiesgames%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.22.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2238a103c5dcf7eff%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22256365%22%2C%22sid%22%3A%22109%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C5358318%2Fturtlediary-300x250-ATF%22%2C%22gpid%22%3A%22%2F22404337467%2C5358318%2Fturtlediary-300x250-ATF%22%7D%7D%2C%7B%22id%22%3A%223995906f698982b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22256367%22%2C%22sid%22%3A%22111%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C5358318%2Fturtlediary-300x250-ATF-2%22%2C%22gpid%22%3A%22%2F22404337467%2C5358318%2Fturtlediary-300x250-ATF-2%22%7D%7D%2C%7B%22id%22%3A%2240c5ce3de2bb1a7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22256366%22%2C%22sid%22%3A%22110%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C5358318%2Fturtlediary-300x250-BTF%22%2C%22gpid%22%3A%22%2F22404337467%2C5358318%2Fturtlediary-300x250-BTF%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%22580%22%2C%22hp%22%3A1%2C%22rid%22%3A%22a6da36df-3d69-4fed-aa23-c9e72237f4f2%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca951c59281d7d5aec5e39ec7e692594187ebc5acbb82904b6473d3f7922f98

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKe8WLLN4xSIqAl1ySxTQqQnGAZeU9KrCKfijLFwofWkUZaztCECik9L%2FjIBrjdJaM8JhGOJfGu4oDaM2sk5gXP7OmDmeggBh4pB7zQT1F%2BIgPEdTadUP1JyU8UZccfu%2Bq6wDdyH"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.turtlediary.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 742d39eb89ae9bf2-FRA
expires: 0

POST
H2 200 adreq Show response
ads.servenobid.com/ 707 B
677 B 297ms
201ms XHR
application/json 52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=2592
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 53687e4ae8005f36a979037115ea1bee8ada96a1fa467c175071912bb431b644

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.turtlediary.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 mvo Show response
tag.1rx.io/rmp/66447/0/ 0
167 B 104ms
23ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/66447/0/mvo?z=1r&hbv=6.22,2.1
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.turtlediary.com
pragma: no-cache
date: Tue, 30 Aug 2022 11:36:00 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 164ms
22ms XHR
text/plain 198.47.127.22
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/turtlediary/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.turtlediary.com
date: Tue, 30 Aug 2022 11:36:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 94ms
41ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=3149586&t=pageview&_s=1&dl=https%3A%2F%2Fwww.turtlediary.com%2F&ul=en-us&de=UTF-8&dt=Educational%20Games%20%7C%20Educational%20Games%20For%20Kids%20%7C%20Turtle%20Diary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1525096128&gjid=230641583&cid=961022126.1661859361&tid=UA-31320576-1&_gid=811299509.1661859361&_r=1&_slc=1&z=2001438686

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.turtlediary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 662 B
1023 B 38ms
28ms XHR
application/json 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.turtlediary.com&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 07:15:33 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
server: Server
age: 15627
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.turtlediary.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-length: 662
x-amz-cf-id: W1XaqSYTb7c_8Ikuc-sSxTbYOj5OptCX0eqnJnnR2m5vqIeU73rEJQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
536 B 62ms
61ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.turtlediary.com%2F&pid=KbTEBnXFYvsbb&cb=0&ws=1600x1200&v=22.8.221912&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1494336036845-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C5358318%2Fturtlediary-300x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1494336036845-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C5358318%2Fturtlediary-300x250-ATF-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1588684778383-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C5358318%2Fturtlediary-300x250-BTF%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: 448V6AXQF3K6YWSW44N7
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.turtlediary.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: feyGRaFAKdOdGSHW90_3LULuY1GmhACIWhPUFp_sPWI3I_Js-uEfcA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 59ms
20ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 26747
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Tue, 30 Aug 2022 04:10:13 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Sxsl5E7w-pq3y1zXB5Amy1UJSVaVV2JDLpOxnMK1W5skAMdpDsvuqg==

GET
H2 200 grades.webp
cdn.turtlediary.com/homepage/ 194 KB
194 KB 19ms
17ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/grades.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2DC) /
Resource Hash: d037ba3209044db2ccff64a55106d5e69f4f0e4b78429fcdf1ca12936edb519e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 10 Mar 2022 12:00:38 GMT
server: ECAcc (frd/E2DC)
age: 1541618
etag: "306de-5d9dbf65e6580"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198366
ec-re-ver: 3.1.4

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 158ms
29ms Script
application/javascript 92.123.21.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-21-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 30 Aug 2022 11:51:00 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 46 KB
13 KB 120ms
44ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

722fefa695bdf5a6a1b6c2e6f0fda474edbf575098f18310f69e4540ead991df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 2387
x-amz-server-side-encryption: AES256
x-amz-request-id: 53ZSKAMP1VPDXRH3
x-amz-id-2: Y2CofIb5Z/wkfugaSUQQTFnOHt7RBxsAfGWajHkndU91itY262Me4rAjvZuBqEZwn8eEhxMZrPQ=
last-modified: Tue, 30 Aug 2022 09:18:48 GMT
server: cloudflare
etag: W/"6aecb9201509174b8422d19c013a2191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 742d39ec5986021d-ZRH

GET
H2 200 grass-bg.webp
cdn.turtlediary.com/homepage/ 15 KB
15 KB 23ms
20ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/grass-bg.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F3) /
Resource Hash: 1d4ee19b918d965bcd79df0e57ea9b99e928e0302a09e534a587975126f2f920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 25 Jul 2019 08:55:19 GMT
server: ECAcc (frd/E2F3)
age: 250308
etag: "3d6c-58e7d95dceae0"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
ec-re-ver: 3.1.4

GET
H2 200 circular-ribbon.png
cdn.turtlediary.com/homepage/ 4 KB
4 KB 24ms
21ms Image
image/png 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/circular-ribbon.png
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2CC) /
Resource Hash: 68fb114544676a7ff3da526d1c5944d17659f972759f4d6712dc03989ca078a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Tue, 07 Jun 2022 06:36:08 GMT
server: ECAcc (frd/E2CC)
age: 1906303
etag: "e7a-5e0d5cdbe2600"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3706
ec-re-ver: 3.1.4

GET
H2 200 topics.webp
cdn.turtlediary.com/homepage/ 49 KB
49 KB 25ms
22ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/topics.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E30F) /
Resource Hash: c9c48bbf1a2d7eef0e21de8b0024c680ce39da23fa6d375622a0e058e6d9b4d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Thu, 28 Oct 2021 11:24:59 GMT
server: ECAcc (frd/E30F)
age: 2331161
etag: "c4e2-5cf67f5faf8c0"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50402
ec-re-ver: 3.1.4

GET
H2 200 cloud-bg.png
cdn.turtlediary.com/homepage/ 8 KB
8 KB 19ms
17ms Image
image/png 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/cloud-bg.png
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F8) /
Resource Hash: 7b08eca7e48d4cdb0c939b874869d7e2f404de6328519c758e70301cffb01afd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Tue, 03 Jan 2017 10:32:28 GMT
server: ECAcc (frd/E2F8)
age: 249418
etag: "2110-5452e2f4de700"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8464
ec-re-ver: 3.1.4

GET
H2 200 ajax-loader.gif
cdn.turtlediary.com/homepage/ 771 B
879 B 23ms
21ms Image
image/gif 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/ajax-loader.gif
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2BE) /
Resource Hash: 81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Tue, 03 Jan 2017 12:38:25 GMT
server: ECAcc (frd/E2BE)
age: 1570069
etag: "303-5452ff1bc9240"
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 771
ec-re-ver: 3.1.4

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
648 B 174ms
24ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.turtlediary.com&callback=_gfp_s_&client=ca-pub-0516794783272595

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

467cb53d6936e5e9402ab0b891aa1cce6f3a0d474925440d11158c0730d2deed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 113ms
45ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.turtlediary.com

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
34ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.turtlediary.com

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.turtlediary.com%2F&tn=DIV&cls=addRightSection&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 184C 0
19 B 130ms
89ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-0516794783272595&output=html&adk=1812271804&adf=3025194257&lmt=1661859360&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.turtlediary.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661859360370&bpp=6&bdt=731&idt=255&shv=r20220825&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3493811586140&frm=20&pv=2&ga_vid=961022126.1661859361&ga_sid=1661859361&ga_hid=3149586&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C21066428&oid=2&pvsid=3629225544511929&tmod=1569497056&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.turtlediary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 11:36:00 GMT
expires: Tue, 30 Aug 2022 11:36:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 111ms
36ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 474478
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx6bf5fceb92dc449b85c95-0062a05717
x-amz-id-2: tx6bf5fceb92dc449b85c95-0062a05717
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOCpL%2BYTFBiUmBzj9kIOvt6s2rUBNkYyx1w9lAN1Qejl6S0%2FqDpS51NGvFFfeFDWq9UKk6xcYXYbYeTS0PpsMfHRQOWAaIyIaF1LHwxWeHNRCMkvRuvWcHjRbWsu7E0Rm6Fly3wzMijbagjC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 742d39ed0daf3752-MXP
access-control-allow-headers: Authorization

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
333 B 77ms
17ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31533570.ip-162-19-138.eu
Software: /
Resource Hash: f60e27beae5e9a24ea8ed0d3873df32ff43600cef161c320ec199c714bc79420

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.turtlediary.com
date: Tue, 30 Aug 2022 11:36:00 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 quiz.webp
cdn.turtlediary.com/homepage/ 26 KB
26 KB 18ms
17ms Image
image/webp 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/quiz.webp
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E309) /
Resource Hash: 8a2e2fb6f3fb55c6e082d8761acce94483842596ef9cbcf2792290ed07e9a314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Mon, 04 Oct 2021 09:45:07 GMT
server: ECAcc (frd/E309)
age: 935914
etag: "689c-5cd83c4a34ec0"
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26780
ec-re-ver: 3.1.4

GET
H2 200 subfooter_bg.png
cdn.turtlediary.com/homepage/ 7 KB
7 KB 19ms
18ms Image
image/png 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/subfooter_bg.png
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F4) /
Resource Hash: 6935aeb7ce0d9da986f062094e9d6fe081cd13f29517c42bd770b72e551895b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:00 GMT
last-modified: Tue, 03 Jan 2017 10:32:00 GMT
server: ECAcc (frd/E2F4)
age: 1316041
etag: "1b88-5452e2da2a800"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
ec-re-ver: 3.1.4

GET
H2 200 hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/178828/ Frame 5D3F 0
47 KB 32ms
31ms Other
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/178828/hls.5b3b785f487abbe00eee.js
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: br
last-modified: Tue, 30 Aug 2022 08:43:29 GMT
age: 5744
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H2 200 player.css
cds.connatix.com/p/178828/ 59 KB
9 KB 30ms
30ms Stylesheet
text/css 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/178828/player.css
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ffe461772c4b9ad4357f0c9b843d14199091bacacca645bf0a38a9bee0f8ce05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:00 GMT
content-encoding: br
last-modified: Tue, 30 Aug 2022 08:43:29 GMT
age: 5743
etag: "bd3c05bb06a3a4313862d880bf9bc465"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 9119

POST
H/1.1 200 724.json Show response
id5-sync.com/g/v2/ 216 B
629 B 65ms
16ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/724.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

0dbea748cd27d89085b880816c4b0bc480cf1fc1b347468d008f3272ac07221c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.turtlediary.com
date: Tue, 30 Aug 2022 11:36:00 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 footer-bottom-bg.png
cdn.turtlediary.com/homepage/ 655 B
778 B 18ms
17ms Image
image/png 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/footer-bottom-bg.png
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2BB) /
Resource Hash: 3b325dc4cc400ce5817dd28c5bfaabdce34e9e637f8a25840665055ead80d727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: w2
date: Tue, 30 Aug 2022 11:36:01 GMT
last-modified: Mon, 02 Jan 2017 09:35:49 GMT
server: ECAcc (frd/E2BB)
age: 200779
etag: "28f-5451946dde740"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 655
ec-re-ver: 3.1.4

GET
H2 200 footer-top-bg.png
cdn.turtlediary.com/homepage/ 635 B
848 B 20ms
19ms Image
image/png 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/footer-top-bg.png
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2DE) /
Resource Hash: 82b1ac7bac4f54d30e2a421e5bc0a1e9fc338eb18acb299f0edd64462daf9cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:01 GMT
last-modified: Mon, 02 Jan 2017 09:35:50 GMT
server: ECAcc (frd/E2DE)
age: 403355
etag: "27b-5451946ed2980"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 635
ec-re-ver: 3.1.4

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 49ms
49ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=38&pc=3629225544511929&eids=44770638

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 229 KB
66 KB 784ms
751ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3629225544511929&correlator=2085577421225733&eid=44770638&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fifs&gdpr=0&tfua=0&tfcd=0&iu_parts=22404337467%3A5358318%2Cturtlediary-300x250-ATF%2Cturtlediary-300x250-ATF-2%2Cturtlediary-300x250-BTF%2Cturtlediary-AdX-Interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C300x250%2C300x250%2C1x1&ifi=2&adks=756861911%2C1777548779%2C4221690387%2C3549851669&sfv=1-0-38&ists=1&fas=0%2C0%2C0%2C8&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1661859361041&lmt=1661859361&dlt=1661859359639&idt=319&adxs=1290%2C1290%2C1290%2C-9&adys=22%2C282%2C542%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.turtlediary.com%2F&frm=20&vis=1&psz=300x-1%7C300x-1%7C300x-1%7C0x-1&msz=300x-1%7C300x-1%7C300x-1%7C0x-1&fws=516%2C516%2C516%2C2&ohw=1600%2C1600%2C1600%2C0&ga_vid=961022126.1661859361&ga_sid=1661859361&ga_hid=3149586&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eacd6f9fb90913a5ca306a9892074cfbf833c7818d0280fb03b02a11540d38b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67988
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.turtlediary.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F16B 6 KB
4 KB 93ms
26ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.turtlediary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 11:36:01 GMT
expires: Wed, 30 Aug 2023 11:36:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022082501.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 47ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022082501.js

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9aec4f2b8e548c9177d6710f4edf73f020c9a68f5ac7458fdd2895e337c42e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 08:41:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 25 Aug 2023 14:58:41 GMT

GET
H/1.1 200
OK / Show response
nodeaws.turtlediary.com/socket.io/ 97 B
373 B 425ms
212ms XHR
text/plain 3.210.193.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nodeaws.turtlediary.com:3000/socket.io/?EIO=4&transport=polling&t=OBkYN4X
Requested by: Host: nodeaws.turtlediary.com
URL: https://nodeaws.turtlediary.com:3000/socket.io/socket.io.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.210.193.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-193-120.compute-1.amazonaws.com
Software: /
Resource Hash: 1c6bc9437ad433852a67980dcc243d11144706735505a7375108a18cbb1fc598

Request headers

Accept: */*
Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 11:36:01 GMT
Vary: Origin
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.turtlediary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 97

GET
H2 200 g2t.turtle.png
cdn.turtlediary.com/homepage/ 5 KB
5 KB 17ms
16ms Image
image/png 152.199.20.123
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.turtlediary.com/homepage/g2t.turtle.png?ver=2
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/min/A.,qg=tdcss_home,av=77.37.pagespeed.cf.wif6akoypE.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.20.123 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2B2) /
Resource Hash: e62a00258a2118faad7754b5c5c19174124e4b2ec83a330bd5f9515c19529b94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

server-host: web1
date: Tue, 30 Aug 2022 11:36:01 GMT
last-modified: Wed, 04 Jan 2017 05:11:33 GMT
server: ECAcc (frd/E2B2)
age: 899283
etag: "1395-5453dd1754b40"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400, public
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5013
ec-re-ver: 3.1.4

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame 5D3F 6 KB
3 KB 180ms
146ms XHR
application/x-protobuf 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=178828
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a7a26b8135736404f185ffee33d6e5e1f58bddb55206e5880c41ac662f25a5c3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 30 Aug 2022 11:36:01 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.turtlediary.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3406

GET
H2 200 insights.bin Show response
ins.connatix.com/5a85bfb8123ac2497c77368f4ad6b2e9/ Frame 5D3F 108 B
334 B 87ms
19ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/5a85bfb8123ac2497c77368f4ad6b2e9/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 66be9f44d52117bba411612fe7ab3f66b6c30ea28db10b8e4c0dd035f7dce6cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:01 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:03:41 GMT
age: 1633152
etag: "f1a864c0b1a72116503491ca9c5cea7b"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 98

POST sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame 5D3F 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

205541a490bb02a734619166dbc224c3c37c66a387ea8a3f0e0a622a5ab9fd6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28524
x-xss-protection: 0
server: sffe
etag: "1318 / 462 of 1000 / last-modified: 1661855724"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Aug 2022 11:36:01 GMT

GET
H2 200 5_media.bin Show response
vid.connatix.com/pid-f88c779f-3ff8-46e2-a8d0-9991ffb7711d/47b2904e-6229-4f79-9cc1-d7e722175c0d/ Frame 5D3F 378 B
378 B 57ms
18ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f88c779f-3ff8-46e2-a8d0-9991ffb7711d/47b2904e-6229-4f79-9cc1-d7e722175c0d/5_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3fd93b9e357a5b1eab3d7ef9f08092aaa0bedd9cfd0a44a4b8dd8442d71711

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:01 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 13:53:59 GMT
age: 1775670
etag: "af1771734ad0865963ee730616f12ce7"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 287

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5D3F 0
0

GET
H2 200 1.png
img.connatix.com/pid-f88c779f-3ff8-46e2-a8d0-9991ffb7711d/f88c779f-3ff8-46e2-a8d0-9991ffb7711d/ 6 KB
7 KB 61ms
26ms Image
image/png 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f88c779f-3ff8-46e2-a8d0-9991ffb7711d/f88c779f-3ff8-46e2-a8d0-9991ffb7711d/1.png
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:01 GMT
content-encoding: br
age: 2423244
etag: "DumiNnuNu90/b0QD3JCDdge4FCERvGoUsGg502wu/VY"
access-control-max-age: 86400
fastly-io-info: ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 6487

POST
H/1.1 200
OK / Show response
nodeaws.turtlediary.com/socket.io/ 2 B
261 B 107ms
106ms XHR
text/html 3.210.193.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nodeaws.turtlediary.com:3000/socket.io/?EIO=4&transport=polling&t=OBkYNC9&sid=P0N9iA0FcioFNT2GAyqV
Requested by: Host: nodeaws.turtlediary.com
URL: https://nodeaws.turtlediary.com:3000/socket.io/socket.io.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.210.193.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-193-120.compute-1.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

Date: Tue, 30 Aug 2022 11:36:01 GMT
Vary: Origin
Content-Type: text/html
Access-Control-Allow-Origin: https://www.turtlediary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 2

GET
H/1.1 200
OK / Show response
nodeaws.turtlediary.com/socket.io/ 32 B
308 B 213ms
106ms XHR
text/plain 3.210.193.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nodeaws.turtlediary.com:3000/socket.io/?EIO=4&transport=polling&t=OBkYNCB&sid=P0N9iA0FcioFNT2GAyqV
Requested by: Host: nodeaws.turtlediary.com
URL: https://nodeaws.turtlediary.com:3000/socket.io/socket.io.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.210.193.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-193-120.compute-1.amazonaws.com
Software: /
Resource Hash: 5f5ea9437798f017c4ecfa19b98617e4a2a07e49402a520b9d6eda8e5e7a2309

Request headers

Accept: */*
Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 11:36:01 GMT
Vary: Origin
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.turtlediary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 32

POST ao
capi-tier-2-us-east-2.connatix.com/tr/ Frame 5D3F 0
0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
495 B 50ms
49ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.turtlediary.com%2F&pid=KbTEBnXFYvsbb&cb=1&ws=1600x1200&v=22.8.221912&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:01 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: 7186634QGDD8ZF7KFYRM
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.turtlediary.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: gYdfR79u6hF1k5-3Q0YHDkYA_LpWB_Eh16bD6-jGxOzfqu3-9Yuidw==

POST g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 5D3F 0
0

POST ps
capi-tier-2-us-east-2.connatix.com/tr/ Frame 5D3F 0
0

GET
H2 200 4_th.jpg
img.connatix.com/pid-f88c779f-3ff8-46e2-a8d0-9991ffb7711d/47b2904e-6229-4f79-9cc1-d7e722175c0d/ 6 KB
6 KB 27ms
26ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f88c779f-3ff8-46e2-a8d0-9991ffb7711d/47b2904e-6229-4f79-9cc1-d7e722175c0d/4_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 582875c2460910782c8c8c60ca682ccc29e581f10beb6d3d6f781789fe23ff62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.turtlediary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:01 GMT
content-encoding: br
age: 1464234
etag: "4f0A06UUSU0owCT0aX70YP5gc/5YiH3aPU80PEp8XzY"
access-control-max-age: 86400
fastly-io-info: ifsz=52433 idim=455x256 ifmt=png ofsz=6567 odim=400x225 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 6076

GET
H2 206 360_h264.mp4
vid.connatix.com/pid-f88c779f-3ff8-46e2-a8d0-9991ffb7711d/47b2904e-6229-4f79-9cc1-d7e722175c0d/ 260 KB
0 26ms
25ms Media
video/mp4 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f88c779f-3ff8-46e2-a8d0-9991ffb7711d/47b2904e-6229-4f79-9cc1-d7e722175c0d/360_h264.mp4
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.turtlediary.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 30 Aug 2022 11:36:01 GMT
last-modified: Tue, 21 Jan 2020 17:58:13 GMT
age: 1826707
etag: "6af11578565fd884f0b7a7d55eb84478"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-3627454/3627455
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 3627455

GET
H2 200 prebid6.20.0-4.js Show response
cds.connatix.com/p/plugins/ 461 KB
121 KB 52ms
51ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid6.20.0-4.js
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d6cb3641a88d23be3e45023d313bfd54dd3640a4bfe07b3b88d63e3fba328d19

Request headers

Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Aug 2022 11:36:01 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 12:47:31 GMT
age: 4574819
etag: "aacab17b3b3de88c898ee654d218646f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 123905

POST
H/1.1 200
OK / Show response
nodeaws.turtlediary.com/socket.io/ 2 B
261 B 108ms
107ms XHR
text/html 3.210.193.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nodeaws.turtlediary.com:3000/socket.io/?EIO=4&transport=polling&t=OBkYNFZ&sid=P0N9iA0FcioFNT2GAyqV
Requested by: Host: nodeaws.turtlediary.com
URL: https://nodeaws.turtlediary.com:3000/socket.io/socket.io.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.210.193.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-193-120.compute-1.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

Date: Tue, 30 Aug 2022 11:36:01 GMT
Vary: Origin
Content-Type: text/html
Access-Control-Allow-Origin: https://www.turtlediary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 2

GET
H/1.1 200
OK / Show response
nodeaws.turtlediary.com/socket.io/ 1 B
276 B 393ms
393ms XHR
text/plain 3.210.193.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nodeaws.turtlediary.com:3000/socket.io/?EIO=4&transport=polling&t=OBkYNFZ.0&sid=P0N9iA0FcioFNT2GAyqV
Requested by: Host: nodeaws.turtlediary.com
URL: https://nodeaws.turtlediary.com:3000/socket.io/socket.io.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.210.193.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-193-120.compute-1.amazonaws.com
Software: /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept: */*
Referer: https://www.turtlediary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 11:36:02 GMT
Vary: Origin
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.turtlediary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 1

GET
H3 200 container.html Show response
3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C1CB 6 KB
3 KB 61ms
24ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.turtlediary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 11:36:01 GMT
expires: Wed, 30 Aug 2023 11:36:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame C1CB 4 KB
636 B 60ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
URL: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 10:03:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 11:36:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 11:36:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5CFE 8 KB
893 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 10:04:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 11:36:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 11:36:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/ Frame 5CFE 2 KB
982 B 75ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 11:32:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220825/r20110914/ Frame 5CFE 23 KB
10 KB 59ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220825/r20110914/abg_lite_fy2021.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9615
x-xss-protection: 0
server: cafe
etag: 5965352936607719246
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 11:20:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/ Frame 5CFE 3 KB
1 KB 74ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 11:30:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CFE 141 KB
44 KB 76ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 11:36:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/ Frame 5CFE 17 KB
8 KB 60ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 11:23:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5CFE 0
0 68ms
25ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaShhx8cehqORgAE_nsBYM0EUKE4Mb3Ql7e5z6ZpAfos44kjmatBAlJn6QN_7cuAGUU-LnR0u-dTJi_yeizdyJI__hSV5Q
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 5CFE 33 KB
14 KB 59ms
17ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:39:22 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220825/r20110914/elements/html/ Frame C1CB 19 KB
8 KB 58ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220825/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
URL: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8311
x-xss-protection: 0
server: cafe
etag: 13410161823615325117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 11:08:01 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C1CB 205 B
518 B 55ms
21ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
URL: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:21:31 GMT
x-content-type-options: nosniff
age: 871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 30 Aug 2023 11:21:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C1CB 604 B
694 B 56ms
22ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
URL: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:58:51 GMT
x-content-type-options: nosniff
age: 5831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 30 Aug 2023 09:58:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8CE0 1 KB
749 B 17ms
16ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
URL: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 14:32:04 GMT
etag: 48472445140208031
expires: Tue, 30 Aug 2022 14:32:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8CE0 35 B
463 B 71ms
18ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELfTfNoFVnsFZNLH9lVp2jk&google_cver=1&google_push=AehlK4Cqo_QIK7LCz5ooUMEM-p_ueu-8oJOIw1stUNxVEnbxw6EM0syGhwHMwJ6f_oC2piT3I-uhSo8TUzScUGURYRRgcNuFaNVbVQ

Requested by

Host: 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
URL: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CE0
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEPh4IBusxZUDifnz6AmKF9Y&google_cver=1&google_push=AehlK4Ax7W4-aOEjGkGvx8_AE6r3W0SFvr5g5Gk8dgbu4Qw_TMd8I4K_D5zFUZnuA-B_O9RurbpUQ4QWl-cBRVH3Hj-UHIWh4sXN5w
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDQ2OERCNTY4NTA3NDVENw==

170 B
188 B

26ms
26ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDQ2OERCNTY4NTA3NDVENw==

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDQ2OERCNTY4NTA3NDVENw==
date: Tue, 30 Aug 2022 11:36:02 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET match
um.wbtrk.net/doubleclick/user/ Frame 8CE0 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CE0
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEF-elem8zd47PuD2JBIgfZA&c_param1=AehlK4AVurUytG5-PcXCLLrv8QtjvNg0vs67dwCqo93ckv-hI442QJUZCGY0A3vkjMK9YBZi4-aKhv9IPtvv3Az4Pv1AUdz8RsDF&gdpr=%%GDPR%%&...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4AVurUytG5-PcXCLLrv8QtjvNg0vs67dwCqo93ckv-hI442QJUZCGY0A3vkjMK9YBZi4-aKhv9IPtvv3Az4Pv1AUdz8RsDF

170 B
188 B

79ms
34ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4AVurUytG5-PcXCLLrv8QtjvNg0vs67dwCqo93ckv-hI442QJUZCGY0A3vkjMK9YBZi4-aKhv9IPtvv3Az4Pv1AUdz8RsDF

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4AVurUytG5-PcXCLLrv8QtjvNg0vs67dwCqo93ckv-hI442QJUZCGY0A3vkjMK9YBZi4-aKhv9IPtvv3Az4Pv1AUdz8RsDF
date: Tue, 30 Aug 2022 11:36:02 GMT
server: nginx/1.19.0
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8CE0 43 B
351 B 80ms
29ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECqUD0axWOMa-hGyJWGqDdo&google_cver=1&google_push=AehlK4AQm6mGSXutkbobkfPSnpsf3zjN2ABodLKOnOJGRpcgJRCBBNJ9Gz4_gGIjaGagYe_3Zim15yC4f4RP9P3luLn2ggjq3Kuc9Q
Requested by: Host: 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
URL: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:01 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5cm7f3dedr3fa9k1kavcfbgcesqptn32

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CE0
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEJ-h5wuuSbmy7X_IaiqNNMc&google_cver=1&google_push=AehlK4CTf8hXARudbj9DJeKkK-FQE2abdOterRiSFYNcmO4AiwjA2L17WkgFONMR5w-UZI0iHF9y5...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CTf8hXARudbj9DJeKkK-FQE2abdOterRiSFYNcmO4AiwjA2L17WkgFONMR5w-UZI0iHF9y5tXZpP1JrbX8wzZX6XnNJsO0ig&google_hm=WXczMkk4Q...

170 B
188 B

34ms
33ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CTf8hXARudbj9DJeKkK-FQE2abdOterRiSFYNcmO4AiwjA2L17WkgFONMR5w-UZI0iHF9y5tXZpP1JrbX8wzZX6XnNJsO0ig&google_hm=WXczMkk4Q284WDBBQU1SQ0ZVb0FBQUFB

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 9
Date: Tue, 30 Aug 2022 11:36:03 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEJ-h5wuuSbmy7X_IaiqNNMc&google_push=AehlK4CTf8hXARudbj9DJeKkK-FQE2abdOterRiSFYNcmO4AiwjA2L17WkgFONMR5w-UZI0iHF9y5tXZpP1JrbX8wzZX6XnNJsO0ig&proto=google_ebda","cluster_id":9,"gdpr":true,"ipv4":"0.0.0.0","key":"Yw32I8Co8X0AAMRCFUoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad393"}
X-SO-Ads-Time: 143
X-SO-Key: Yw32I8Co8X0AAMRCFUoAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad393
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CTf8hXARudbj9DJeKkK-FQE2abdOterRiSFYNcmO4AiwjA2L17WkgFONMR5w-UZI0iHF9y5tXZpP1JrbX8wzZX6XnNJsO0ig&google_hm=WXczMkk4Q284WDBBQU1SQ0ZVb0FBQUFB
Cache-Control: private
X-SO-HostName: m-ad393.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: m-tgng25.dc4p.scaleout.jp
X-SO-IP: 193.27.14.21

GET
H/1.1

200
OK

/
b1sync.zemanta.com/usersync/googleadx/ Frame 8CE0
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEL9fJhX3-e1KM36s5A-JxFU&google_cver=1&google_push=AehlK4C-dK3ilL-iQFN_zoF7YoH_fhrSAiDq-rWQgUiN90-40Awf2l65izXW1mO1QjnXtfrelSFswB0HcpCk8...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEL9fJhX3-e1KM36s5A-JxFU&google_push=AehlK4C-dK3ilL-iQFN_zoF7YoH_fhrSAiDq-rWQgUiN90-40Awf2l65izXW1mO1QjnXtfrelSFswB0HcpCk8...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4C-dK3ilL-iQFN_zoF7YoH_fhrSAiDq-rWQgUiN90-40Awf2l65izXW1mO1QjnXtfrelSFswB0HcpCk86U6GbRiqr21oBDszQ&google_hm=cVpnYWRzRHdZb18yb3...
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5

26 B
127 B

126ms
126ms

Image
image/gif

64.74.236.63
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by: Host: www.turtlediary.com
URL: https://www.turtlediary.com/
Protocol: HTTP/1.1
Server: 64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 11:36:02 GMT
Content-Length: 26
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8CE0 0
232 B 75ms
25ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2M_6fcvpNoxTobYdTex9Srzm-5f8ATMjpHJT73aA3Qdlx6szabYyCPERw3AjIZlpxbS4Mig

Requested by

Host: 3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
URL: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 OjkVMSBLCKffYYJCcR1sndQZ2h8-FW78sMeE84aZbRQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0233 36 KB
16 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OjkVMSBLCKffYYJCcR1sndQZ2h8-FW78sMeE84aZbRQ.js

Requested by

Host: www.turtlediary.com
URL: https://www.turtlediary.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a391531204b08a7df618242711d6c9dd419da1f3e156efcb0c784f386996d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 09:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15855
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 09:26:07 GMT

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 0685 9 KB
4 KB 99ms
15ms Document
text/html 99.86.4.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-25.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer: https://www.turtlediary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14404
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Tue, 30 Aug 2022 07:36:03 GMT
etag: W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified: Wed, 17 Aug 2022 23:23:08 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
x-amz-cf-id: _rgrrHn3gNk_6jfVHEunPwDB0f_AD4mkrp0R06LlDUZI6S06ju2VTw==
x-amz-cf-pop: FRA6-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5: 77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256: 4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache: Hit from cloudfront

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame FE0D 3 KB
2 KB 329ms
31ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.turtlediary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Aug 2022 11:36:06 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 2000891.html Show response
sync.serverbid.com/ss/ Frame 0CC3 3 KB
1 KB 97ms
16ms Document
text/html 18.66.97.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000891.html
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e6113fa95a41038fb32382334e134009323370c3d81fe93cb814df2e7a3b882

Request headers

Referer: https://www.turtlediary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20800
content-encoding: gzip
content-type: text/html
date: Tue, 30 Aug 2022 05:49:27 GMT
etag: W/"9d38f19b1f72497b7d28393d5a032ecc"
last-modified: Mon, 22 Aug 2022 16:28:40 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-id: NZDo25B4-rYqlhsv85ZJXPFhurVjUwYNBPxAzWaNkbhymItphfX0xA==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 1571 37 B
140 B 73ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.turtlediary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Tue, 30 Aug 2022 11:36:06 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 23B7 15 KB
6 KB 323ms
33ms Document
text/html 23.47.208.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by: Host: dm0le9ta2f1vc.cloudfront.net
URL: https://dm0le9ta2f1vc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.208.212 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-208-212.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.turtlediary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=91195
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 30 Aug 2022 11:36:06 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 31 Aug 2022 12:56:01 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4FD2 15 KB
6 KB 34ms
33ms Document
text/html 23.47.208.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.208.212 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-208-212.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=91195
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 30 Aug 2022 11:36:06 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 31 Aug 2022 12:56:01 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 1B10 4 KB
2 KB 151ms
39ms Document
text/html 34.248.206.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.206.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-206-77.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1e501df799a3585e46d1ee32ab18e0d4b1e2dc85109e9bba45b1b76db430159a

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 30 Aug 2022 11:36:06 GMT
etag: W/"0fd947a8195ec1b93dca79e57ff3cd75e"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame C41F 0
0 87ms
17ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame F988 818 B
1 KB 458ms
33ms Document
text/html 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 2224fe26ae24310a1f78b4ff06be32ff8eab0a041fb96c1ba8ee0fed627b75db

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 818
content-type: text/html
date: Tue, 30 Aug 2022 11:36:05 GMT

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 0270
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
1 KB

109ms
53ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d0644e2907fb452263b836128cfcd08881774d5394856fb62326cb21456f804

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 742d3a10888e9134-FRA
content-encoding: br
content-type: text/html
date: Tue, 30 Aug 2022 11:36:06 GMT
dropped-udsids: 39|241|45|230|8|17|152|26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4j84ocpGQ1jEpIvDe%2BVtBh0vuNZqXkBzVIoHy3ZhfIi0YRN%2FaBPva2yiMKkHF17E0dmq7l9aHyXvr2EETZPJxvxv%2BSZbSAT9d08b9y0yQedQ9IRQvTR9Wvjgd5sFnK%2BdnYU%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 742d3a0fe94b916b-FRA
content-type: text/html; charset=iso-8859-1
date: Tue, 30 Aug 2022 11:36:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd34CgZveBTjuPxWSFfTzM4w9mA%2F5jyzrpTW%2FsFMRQSCqD%2B%2Bc8dJC5ilI%2BA0UbaNMEbwSVaQkbYBLCtiddwXbOuZ5PN36yGONWNRwrbbjQvMZNBCWsOik7LfTQX%2BcapR367T3iP5%2FyPHrw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6729
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

110ms
26ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Aug 2022 11:36:06 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 30 Aug 2022 11:36:06 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 0685 0
239 B 87ms
18ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H2

200

sync
ads.servenobid.com/ Frame 0685
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&uid=50711754162459423

0
342 B

39ms
39ms

Image
image/avif

52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=50711754162459423
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
X-Proxy-Origin: 193.27.14.21; 193.27.14.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4ca378e5-5c1a-46a7-9a91-9ec041cdf122
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&uid=50711754162459423
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 0685
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ads.servenobid.com/sync?pid=310&uid=FO24pBZH6xtvluSYRCK66vHq

0
350 B

39ms
39ms

Image
image/avif

52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=FO24pBZH6xtvluSYRCK66vHq
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=FO24pBZH6xtvluSYRCK66vHq
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 0685 0
277 B 33ms
31ms Image
text/plain 72.251.249.14
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Aug 2022 11:36:06 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame 0685
Redirect Chain

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYjc4ZWQ1YjItYmVhNy00M2E0LTk4NGMtZmQzNDlhYTFhMGQ0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0zMFQxMTozNjowNi43NDQ3NloifQ==

0
431 B

41ms
39ms

Image
image/avif

52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYjc4ZWQ1YjItYmVhNy00M2E0LTk4NGMtZmQzNDlhYTFhMGQ0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0zMFQxMTozNjowNi43NDQ3NloifQ==
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYjc4ZWQ1YjItYmVhNy00M2E0LTk4NGMtZmQzNDlhYTFhMGQ0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0zMFQxMTozNjowNi43NDQ3NloifQ==
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 0685
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1661859366416
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6436506920

70 B
265 B

129ms
38ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6436506920
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
etag: RX17409a6b7d1841e0814aa5c6c4ad9bb5003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6436506920
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 0685
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5142336719710155790

0
344 B

39ms
38ms

Image
image/avif

52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5142336719710155790
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5142336719710155790
Date: Tue, 30 Aug 2022 11:36:06 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 0685 0
498 B 685ms
323ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-51
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 0685
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=7c7c2717-ce4a-4c61-9992-0b5cc4ab0123&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
355 B

41ms
40ms

Image
image/avif

52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=7c7c2717-ce4a-4c61-9992-0b5cc4ab0123&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=7c7c2717-ce4a-4c61-9992-0b5cc4ab0123&gdpr=0&gdpr_consent=&us_privacy=1YN-
date: Tue, 30 Aug 2022 11:36:06 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 0685
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
https://ads.servenobid.com/sync?pid=337&uid=y-Rr0egXNE2uH5CNZdSio.Zx7EgGs_q2Lr0lBj.wc-~A

0
366 B

40ms
39ms

Image
image/avif

52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-Rr0egXNE2uH5CNZdSio.Zx7EgGs_q2Lr0lBj.wc-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-Rr0egXNE2uH5CNZdSio.Zx7EgGs_q2Lr0lBj.wc-~A
date: Tue, 30 Aug 2022 11:36:06 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

us
sync.go.sonobi.com/ Frame 0685
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0yZTUyOTJjOC0xZDc2LTNlZGUtODkzZC00ODE5NWRkY2NlYzEqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkP...
https://ssp.disqus.com/match?bidder=6&r=Cid1YS0yZTUyOTJjOC0xZDc2LTNlZGUtODkzZC00ODE5NWRkY2NlYzEqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMmU1MjkyYzgtMWQ3Ni0zZWRlLTg5M2QtNDgxO...
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yZTUyOTJjOC0xZDc2LTNlZGUtODkzZC00ODE5NWRkY2NlYzEqU2h0dHBzOi8vYWRzLnNlcnZlbm9...

0
411 B

129ms
129ms

Image
text/plain

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yZTUyOTJjOC0xZDc2LTNlZGUtODkzZC00ODE5NWRkY2NlYzEqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMmU1MjkyYzgtMWQ3Ni0zZWRlLTg5M2QtNDgxOTVkZGNjZWMxMgIGEjgC

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:07 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-82
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yZTUyOTJjOC0xZDc2LTNlZGUtODkzZC00ODE5NWRkY2NlYzEqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMmU1MjkyYzgtMWQ3Ni0zZWRlLTg5M2QtNDgxOTVkZGNjZWMxMgIGEjgC
pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 0685
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
https://ads.servenobid.com/sync?pid=339&uid=y-Rr0egXNE2uH5CNZdSio.Zx7EgGs_q2Lr0lBj.wc-~A

0
366 B

39ms
39ms

Image
image/avif

52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-Rr0egXNE2uH5CNZdSio.Zx7EgGs_q2Lr0lBj.wc-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-Rr0egXNE2uH5CNZdSio.Zx7EgGs_q2Lr0lBj.wc-~A
date: Tue, 30 Aug 2022 11:36:06 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 /
onetag-sys.com/usync/ Frame B3BD 0
0 80ms
16ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=6c68086c0c61793

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5E36 15 KB
6 KB 35ms
33ms Document
text/html 23.47.208.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.208.212 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-208-212.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=91195
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 30 Aug 2022 11:36:06 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 31 Aug 2022 12:56:01 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 0CC3 63 B
392 B 128ms
40ms Fetch
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: fcbabccaea79a3c9d12177851138a270b4a0cfbcdddc24b0c68ee238f53d16a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Thu, 29 Sep 2022 11:36:06 GMT

GET
H2

200

usersync
x.serverbid.com/ Frame 0CC3
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FO24pBZH6xtvluSYRCK66vHq

35 B
268 B

119ms
119ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FO24pBZH6xtvluSYRCK66vHq
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Date: Tue, 30 Aug 2022 11:36:06 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FO24pBZH6xtvluSYRCK66vHq
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 204 um
cs.emxdgt.com/ Frame 0CC3 0
55 B 78ms
15ms Image
text/html 18.156.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
content-length: 0
content-type: text/html

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 0CC3
Redirect Chain

https://p.rfihub.com/cm?pub=42786&in=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322322947701753

35 B
99 B

109ms
109ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322322947701753
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322322947701753
Date: Tue, 30 Aug 2022 11:36:06 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

usersync
x.serverbid.com/ Frame 0CC3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yw32Jv8Bq1LdL.qE.D5HswAA%265135

35 B
217 B

110ms
106ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yw32Jv8Bq1LdL.qE.D5HswAA%265135
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAtRWdtCNUvl%2FLh%2FdLN2qyNVQcsUpOctO1SOzH3c2Ze4xmgpPRq7lEqF5Z3fcX4IKbEz3Nco41H3fyNcXwJ9goxmM%2BWbCU4H5HlDi33Z%2F6qyost5UjbtlD6csR2S5RtLqEnkBYLkjkRrCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yw32Jv8Bq1LdL.qE.D5HswAA%265135
cache-control: no-cache
cf-ray: 742d3a107bd2d263-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

usersync
x.serverbid.com/ Frame 0CC3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=50711754162459423

35 B
217 B

115ms
115ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=50711754162459423
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
X-Proxy-Origin: 193.27.14.21; 193.27.14.21; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 25fb2de5-ac7b-4211-a85a-06b822dff185
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=50711754162459423
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 0CC3 0
498 B 546ms
181ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-82
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 0CC3
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

35 B
122 B

108ms
107ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date: Tue, 30 Aug 2022 11:36:06 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 22B0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

95ms
42ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b10398fbe4d144a9ff0bae80b18a62ae1c4744b74344392923e2afd5a3bbc48

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 742d3a1088919134-FRA
content-encoding: br
content-type: text/html
date: Tue, 30 Aug 2022 11:36:06 GMT
dropped-udsids: 39|45|230|241|3|156|176|88
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veepaapDH2MHOL76KKtmZt5Soz7F5%2F7kLDBeREi8qPZmzL%2FWeXKZjJZAgd846vCnyXI%2By7%2B46qP7AnbYOe6DQ7YRSEThAOq8Rx8lcsq6G%2Bd%2FZXOSj5eBogJI6NBR%2BANMffzY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 742d3a0fe950916b-FRA
content-type: text/html; charset=iso-8859-1
date: Tue, 30 Aug 2022 11:36:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qrH3MiX599THmhvC7VWZBsSbq%2FW2WpC%2BCHjmE6f%2BoJ9S%2FXWEJpBlW8KiakMITuH597DAQm13%2BXLhapqxYo%2Bvk2It4WRHylyqQ1cZmA97oUSf4ZttmoJ7f9idRpm1%2FkCSeF%2FdVuHM%2BXAfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 23B7 0
42 B 106ms
56ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89898844&p=156858&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:04 GMT
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 1B10
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=50711754162459423

35 B
250 B

309ms
39ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=50711754162459423
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
X-Proxy-Origin: 193.27.14.21; 193.27.14.21; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f5972b3f-2db1-4f17-b091-d73a04a5a77a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usersync.gumgum.com/usersync?b=apn&i=50711754162459423
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 1B10
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2d6a8a89-342e-40e3-82c8-4fd05634b791&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2d6a8a89-342e-40e3-82c8-4fd05634b791&gdpr=0&gdpr_consent=&us_privacy=1---
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ca95b234-7d8d-460b-98f0-63c290e6bfd2
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=ca95b234-7d8d-460b-98f0-63c290e6bfd2
https://usersync.gumgum.com/usersync?b=bsw&i=ca95b234-7d8d-460b-98f0-63c290e6bfd2

35 B
250 B

39ms
38ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=ca95b234-7d8d-460b-98f0-63c290e6bfd2
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: //usersync.gumgum.com/usersync?b=bsw&i=ca95b234-7d8d-460b-98f0-63c290e6bfd2
Date: Tue, 30 Aug 2022 11:36:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 1B10
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%281SrUa1wfyxU1r1j5fHwP-oGprVN0u_eicyAO1WZO93DOf4OPV4akU7i7lObd4xX6%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_2d6a8a89-342e-40e3-82c8-4fd05634b791&obuid=ENC(1SrUa1wfyxU1r1j5fHwP-oGprVN0u_eicyAO1WZO93DOf4OPV4akU7i7lObd4xX6)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://creativecdn.com/cm-notify?pi=outbrain
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=kLM4dvYWRxcyUjIDYyJA&pi=outbrain

0
145 B

106ms
105ms

Image
text/plain

70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=kLM4dvYWRxcyUjIDYyJA&pi=outbrain
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 11:36:07 GMT
Cache-Control: no-cache
X-TraceId: 3895cee2ec9a36faccb8b806189ad6aa
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=kLM4dvYWRxcyUjIDYyJA&pi=outbrain
pragma: no-cache
date: Tue, 30 Aug 2022 11:36:07 GMT, Tue, 30 Aug 2022 11:36:07 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 1B10
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=ea6f2dca-4063-4719-93a4-97aad3ee151e

35 B
250 B

240ms
44ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=ea6f2dca-4063-4719-93a4-97aad3ee151e
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Tue, 30 Aug 2022 11:36:06 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usersync.gumgum.com/usersync?b=opx&i=ea6f2dca-4063-4719-93a4-97aad3ee151e
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 1B10
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-1c406ebe-fe00-4789-4deb-d6edbb04d066$ip$193.27.14.21

35 B
250 B

44ms
44ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-1c406ebe-fe00-4789-4deb-d6edbb04d066$ip$193.27.14.21
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-1c406ebe-fe00-4789-4deb-d6edbb04d066$ip$193.27.14.21
Date: Tue, 30 Aug 2022 11:36:06 GMT
Connection: keep-alive
Content-Length: 126
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 1B10
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-xJKCM91E2pero_w34Yw2riQSZ9egxD6rrX4l~A

35 B
250 B

60ms
43ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-xJKCM91E2pero_w34Yw2riQSZ9egxD6rrX4l~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Tue, 30 Aug 2022 11:36:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-xJKCM91E2pero_w34Yw2riQSZ9egxD6rrX4l~A
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 1B10
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=9b226f8f-4cc0-4346-92e2-302f2f850fde

35 B
250 B

40ms
40ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=9b226f8f-4cc0-4346-92e2-302f2f850fde
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=9b226f8f-4cc0-4346-92e2-302f2f850fde
Date: Tue, 30 Aug 2022 11:36:06 GMT
X-CI-RTID: 1b6c4287-49c3-4216-b66e-4a2565bc6b71
Connection: keep-alive
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 204 services
sync.technoratimedia.com/ Frame 1B10 0
293 B 394ms
105ms Image
text/plain 141.148.45.191
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.148.45.191 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 1073320387
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame 1B10 0
39 B 365ms
102ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:05 GMT
content-length: 0
server: b

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 1B10
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2d6a8a89-342e-40e3-82c8-4fd05634b791&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=qZgadsDwYo_2oqlsktG4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24K2M5QWI42EO5MW6XZSN5YWY43LORDTI...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=qZgadsDwYo_2oqlsktG4&us_privacy=1---

35 B
250 B

43ms
43ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=qZgadsDwYo_2oqlsktG4&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:07 GMT
P3p: CP="We do not support P3P header."
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=qZgadsDwYo_2oqlsktG4&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 1B10
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=04f9c826-ea95-402f-9735-74085eefe9a6

35 B
250 B

39ms
39ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=04f9c826-ea95-402f-9735-74085eefe9a6
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=04f9c826-ea95-402f-9735-74085eefe9a6
date: Tue, 30 Aug 2022 11:36:07 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 1B10
Redirect Chain

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8476832798

70 B
264 B

48ms
40ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8476832798
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
etag: RX17409a6b7d1841e0814aa5c6c4ad9bb5003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8476832798
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 1B10
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=hg47PwVMY0fM&ev=1&pid=558355

35 B
250 B

40ms
40ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=hg47PwVMY0fM&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=hg47PwVMY0fM&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-dd6bdcf45-6ms57
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 1B10
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=3255878002942032043

35 B
250 B

41ms
40ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=3255878002942032043
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=3255878002942032043
date: Tue, 30 Aug 2022 11:36:06 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 1B10 0
358 B 44ms
39ms Image
image/avif 52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_2d6a8a89-342e-40e3-82c8-4fd05634b791
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 83EE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=6f44630d-f627-4c00-9fff-aa55b725371c&gdpr=0&gdpr_consent=

35 B
250 B

40ms
40ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=6f44630d-f627-4c00-9fff-aa55b725371c&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 30 Aug 2022 11:36:07 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 30 Aug 2022 11:36:07 GMT
Expires: Tue, 30 Aug 2022 11:36:06 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4505 5b23575 master nrt-pixel-x21 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=6f44630d-f627-4c00-9fff-aa55b725371c&gdpr=0&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 4429
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yw32JgAKNDhbOABC
https://usersync.gumgum.com/usersync?b=atm&i=Yw32JgAKNDhbOABC&gdpr=0&gdpr_consent=&_test=Yw32JgAKNDhbOABC

35 B
250 B

79ms
45ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=Yw32JgAKNDhbOABC&gdpr=0&gdpr_consent=&_test=Yw32JgAKNDhbOABC
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 30 Aug 2022 11:36:06 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Tue, 30 Aug 2022 11:36:06 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=Yw32JgAKNDhbOABC&gdpr=0&gdpr_consent=&_test=Yw32JgAKNDhbOABC
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4049-HHN
x-timer: S1661859367.752202,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame A1E1 170 B
188 B 35ms
31ms Document
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZDZhOGE4OS0zNDJlLTQwZTMtODJjOC00ZmQwNTYzNGI3OTE=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 11:36:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0F25 15 KB
6 KB 39ms
36ms Document
text/html 23.47.208.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.208.212 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-208-212.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=91195
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 30 Aug 2022 11:36:06 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 31 Aug 2022 12:56:01 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 0CC1 70 B
264 B 83ms
42ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 30 Aug 2022 11:36:06 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 196A
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
https://cs.emxdgt.com/umcheck?apnxid=50711754162459423&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFV...
https://usersync.gumgum.com/usersync?b=emx&i=50711754162459423brt50801661859366508559f1

35 B
250 B

268ms
38ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=emx&i=50711754162459423brt50801661859366508559f1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 30 Aug 2022 11:36:06 GMT
Expires: 0
Pragma: no-cache

Redirect headers

content-length: 0
content-type: text/html
date: Tue, 30 Aug 2022 11:36:06 GMT
location: https://usersync.gumgum.com/usersync?b=emx&i=50711754162459423brt50801661859366508559f1

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 3799
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=Yw32JsCo8X0AAMRCFnIAAAAA

35 B
250 B

43ms
43ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=Yw32JsCo8X0AAMRCFnIAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 30 Aug 2022 11:36:06 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Tue, 30 Aug 2022 11:36:06 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=Yw32JsCo8X0AAMRCFnIAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 160
X-SO-Cluster-ID: 35
X-SO-HostName: m-ad291.dc4p.scaleout.jp
X-SO-IP: 193.27.14.21
X-SO-Key: Yw32JsCo8X0AAMRCFnIAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":35,"gdpr":true,"ipv4":"0.0.0.0","key":"Yw32JsCo8X0AAMRCFnIAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad291"}
X-SO-LB-Hostname: m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad291

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame EB2B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
https://usersync.gumgum.com/usersync?b=iex&i=Yw32Jv8Bq1LdL.qE.D5HswAA%265135

35 B
250 B

86ms
38ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=iex&i=Yw32Jv8Bq1LdL.qE.D5HswAA%265135
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 30 Aug 2022 11:36:06 GMT
Expires: 0
Pragma: no-cache

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 742d3a10bc1fd263-CDG
content-length: 0
date: Tue, 30 Aug 2022 11:36:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://usersync.gumgum.com/usersync?b=iex&i=Yw32Jv8Bq1LdL.qE.D5HswAA%265135
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcACVSqGpePUkEUsLi%2FICcXDBAkLqsVPYxiKK694VMAJX8DBMb2a5L5u6PMbD1pQ3bbrjWZ2oHJhpA%2FqshqVzxLCZdl8LdzBZ%2BoPm9uHi4n3d6pw1rT6oRbZUIvs4GBAXeVBlOk907IpZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame B739
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=kLM4dvYWRxcyUjIDYyJA&pi=gumgum&tc=1

35 B
250 B

100ms
40ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=kLM4dvYWRxcyUjIDYyJA&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 30 Aug 2022 11:36:06 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 30 Aug 2022 11:36:06 GMT Tue, 30 Aug 2022 11:36:06 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=kLM4dvYWRxcyUjIDYyJA&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DDBC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

47ms
24ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Aug 2022 11:36:06 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 30 Aug 2022 11:36:06 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 22B0 70 B
264 B 50ms
39ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 22B0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yw32Jti5Yq9oyb.Glqj9ggAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYKuxqUf3rhbMJht5N5y7c&google_cver=1&gdpr=1&google_hm=2

43 B
907 B

157ms
56ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYKuxqUf3rhbMJht5N5y7c&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742d3a1238996928-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nic89HkvsVwqUHBDRTjojOk98%2BYn1gvkTN10DHv7mNU91EWbseCpd2MD4dTIHWlMW9eyXTEMLNuVgf1DVLIHYAPjr%2B6z7GGiyR9ouH57ahHUeP3ZKjQaneDvS1HRrvKbNbRaQwHku8hFOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYKuxqUf3rhbMJht5N5y7c&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 22B0 170 B
188 B 30ms
26ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yw32Ju-nxkvK5wzREW4zVQAABLsAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 22B0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Ju-nxkvK5wzREW4zVQAABLsAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Ju-nxkvK5wzREW4zVQAABLsAAAIB&dcc=t

43 B
645 B

112ms
109ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Ju-nxkvK5wzREW4zVQAABLsAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HP2VD9TTS1BDJMYD40ZV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TTW30BTAYGJP573QWW88
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Ju-nxkvK5wzREW4zVQAABLsAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 22B0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f17f630d-f627-4100-a862-f297629c55a1&gdpr=1&gdpr_consent=

43 B
914 B

48ms
48ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f17f630d-f627-4100-a862-f297629c55a1&gdpr=1&gdpr_consent=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742d3a18298e6928-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 11:36:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAQHyex0ymnnNwNCRqRCWqFj%2BqfM8RAXC%2BvaYdhYID%2B0QlgaqB68f0pQYKRcVbCwjQ%2Bvi0QC1xd0vrZOUfikW%2BD4e%2FDNeHkUe5JLOmhYk%2B9fJ72fnBmEvaR6UpnebG7kz7FNbCFFaHCJng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Tue, 30 Aug 2022 11:36:07 GMT
Server: MT3 4505 5b23575 master nrt-pixel-x3 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f17f630d-f627-4100-a862-f297629c55a1&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 30 Aug 2022 11:36:06 GMT

GET
H2 200 cookiesync
bttrack.com/pixel/ Frame 22B0 35 B
263 B 334ms
110ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-servername: Track003-iad
pragma: no-cache
date: Tue, 30 Aug 2022 11:35:41 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-type: image/gif
content-length: 35
expires: -1

GET
H2 200 113
match.deepintent.com/usersync/ Frame 22B0 0
44 B 323ms
101ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
content-length: 0
server: b

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 22B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Yw32JgAKN7y6mAAK
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yw32JgAKN7y6mAAK&gdpr=1&_test=Yw32JgAKN7y6mAAK

43 B
908 B

114ms
50ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yw32JgAKN7y6mAAK&gdpr=1&_test=Yw32JgAKN7y6mAAK
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742d3a1248a76928-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkfgQgbKpD%2BF%2F6MOjKkEOWzDHbx61NVPJw6OGAYBgwCjKrTKW18N9xtXLdlGYiEWw6Z76SU05eeCTTyT6bTVJedSRSl48jmg9iuN7F0xusiqXhgZBgPcFyVFgzCVmC2d1edhYBPdxzDPjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1661859367.685163,VS0,VE0
x-served-by: cache-hhn4049-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yw32JgAKN7y6mAAK&gdpr=1&_test=Yw32JgAKN7y6mAAK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 22B0 43 B
425 B 256ms
34ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yw32Ju.nxkvK5wzREW4zVQAA%261211
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.turtlediary.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
cf-cache-status: HIT
age: 297
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "761e21-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 742d3a125ded0221-ZRH
expires: Tue, 30 Aug 2022 15:36:06 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 0270 70 B
264 B 46ms
46ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 0270
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Jti5Yq9oyb-Glqj9ggAABKwAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Jti5Yq9oyb-Glqj9ggAABKwAAAIB&dcc=t

43 B
645 B

114ms
112ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Jti5Yq9oyb-Glqj9ggAABKwAAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RBHEET0KAWNDMY29DSQS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2WT3D4RS5XTD2SB4SR27
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Jti5Yq9oyb-Glqj9ggAABKwAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0270
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yw32Jv8Bq1LdL.qE.D5HswAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYKuxqUf3rhbMJht5N5y7c&google_cver=1&gdpr=1&google_hm=2

43 B
949 B

145ms
51ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYKuxqUf3rhbMJht5N5y7c&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742d3a1238956928-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuYlyvUGlJS41fuRX7wvdBRZYCUYL9kKID7ImkRwLN%2BrdSk2ggf00g3BWl7G89HMTh5uKYhk%2FaZPuq3mVc9pkoUXGA9kSwGEnrF3DZ8%2BTqslIzkerE6tDn%2FpS65V4NmwNfTRV%2F4fBUZOdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYKuxqUf3rhbMJht5N5y7c&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 0270 170 B
188 B 28ms
26ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yw32Jti5Yq9oyb-Glqj9ggAABKwAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0270
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a83a2f5e-ae6c-46dd-8232-f58703962902&expiration=1693395366

43 B
910 B

33ms
31ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a83a2f5e-ae6c-46dd-8232-f58703962902&expiration=1693395366
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742d3a13badc6928-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 11:36:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2vYd0SUXHUBO7BoNI3HUunvsDDGEBoJ8yCqgY03SKpQbgTrQQ4aJ7KuEPNA2DMHPVON7%2BtLNB6RcI5kjHu37WGEJ5SVyqI25rzKvG2HPwU9Mh8%2B2cu8zBw%2Fwqa56Rx19294KE6U4%2Bi0aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a83a2f5e-ae6c-46dd-8232-f58703962902&expiration=1693395366
Date: Tue, 30 Aug 2022 11:36:06 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0270
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=qZgadsDwYo_2oqlsktG4&gdpr=1

43 B
908 B

75ms
52ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=qZgadsDwYo_2oqlsktG4&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742d3a1248a96928-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVSuv1wfDDzUuuSm8uc3keD2I4DADuJWVH3ZYG8X1ZNRX%2FlFcU8zJlNjkxADLe7M9xCF9SbB5fKJgkAAE7YwyCm7PyNmDgYRZ57bqwcsuTMzz%2BzXH5wKyvaDeJ1kbfRb2wm6HQJssYjy4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=qZgadsDwYo_2oqlsktG4&gdpr=1
Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 126
Content-Type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0270
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=feef4ff1-2370-451f-be4b-7fa7c6a3ed5b

43 B
908 B

31ms
31ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=feef4ff1-2370-451f-be4b-7fa7c6a3ed5b
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 742d3a13cafc6928-FRA
pragma: no-cache
date: Tue, 30 Aug 2022 11:36:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCfYv0E9YYwFohmXQKLr0PnteNr0OnYwd2odMWgiUkCjoV%2B0aKp3JZJGDJuMav8ddzrmNVON%2BMIHUOB2IXK6vJgJXOTOvs%2BbueKznvZGU9zTNhgykoppmN5ipJotrgNw0Rt1ebcH5gblZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:06 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=feef4ff1-2370-451f-be4b-7fa7c6a3ed5b
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H2 200 /
sync.taboola.com/sg/indexscod/1/cm/ Frame 0270 0
99 B 223ms
24ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Yw32Jti5Yq9oyb.Glqj9ggAA%261196
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 23042

GET
H2 200 sync
ads.servenobid.com/ Frame 0270 0
356 B 51ms
49ms Image
image/avif 52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=Yw32Jti5Yq9oyb-Glqj9ggAABKwAAAIB
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6729 31 KB
10 KB 47ms
29ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 11:36:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62728
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Wed, 31 Aug 2022 05:01:34 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6729 284 B
536 B 166ms
18ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DDBC 31 KB
10 KB 42ms
42ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 11:36:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62728
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Wed, 31 Aug 2022 05:01:34 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DDBC 284 B
536 B 18ms
18ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 6729 0
239 B 463ms
105ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: c57992b917a1c5de787b922c662fdf18
Content-Type: image/gif

GET
H2 200 sync
ads.servenobid.com/ Frame F988 0
344 B 43ms
41ms Image
image/avif 52.212.200.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=3255878002942032043&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.200.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 bsync
visitor.omnitagjs.com/visitor/ Frame F988 0
158 B 111ms
25ms Image
text/plain 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 0
expires: 0

GET
H/1.1 200 9.gif
id5-sync.com/i/102/ Frame F988 43 B
1 KB 17ms
16ms Image
image/gif 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:36:06 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame F988
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7137631627541936277&gdpr=0&gdpr_consent=

43 B
408 B

112ms
34ms

Image
image/gif

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7137631627541936277&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 11:36:06 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7137631627541936277&gdpr=0&gdpr_consent=
Date: Tue, 30 Aug 2022 11:36:06 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F988
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3255878002942032043&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3255878002942032043&gdpr=0&gdpr_consent=&dcc=t

43 B
932 B

128ms
128ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3255878002942032043&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V2C78P5YH2A0XQYN0JC7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Aug 2022 11:36:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PAT3TPAYW3DVVVXPC44B
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3255878002942032043&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame DDBC 0
239 B 19ms
18ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js

Domain: capi-tier-2-us-east-2.connatix.com
URL: https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=178828

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: capi-tier-2-us-east-2.connatix.com
URL: https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=178828

Domain: capi-tier-2-us-east-2.connatix.com
URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=178828

Domain: capi-tier-2-us-east-2.connatix.com
URL: https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=178828

Domain: um.wbtrk.net
URL: https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEI9qDXJQbpjLqhdWmKk8RmA&google_cver=1&google_push=AehlK4CYDTKBNypfKE7XvQm8b9qcQYq4X-uIRmMtvCZOtq_xhdLwieaIsEC1i2u6BFiF2yJGWQ9A3eNp7g5Xb61yr4GUqsLMz6nZmA

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.turtlediary.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: a0ufu8c057dib8elj8gfnt4ve3
www.turtlediary.com/	1970-01-20 06:20:51	Name: _pbjs_userid_consent_data Value: 6683316680106290
.turtlediary.com/	1970-01-20 15:13:39	Name: _ga Value: GA1.2.961022126.1661859361
.turtlediary.com/	1970-01-20 05:39:05	Name: _gid Value: GA1.2.811299509.1661859361
.turtlediary.com/	1970-01-20 05:37:39	Name: _gat Value: 1
.prebid.a-mo.net/	1970-01-20 14:23:15	Name: __amc Value: 1_1661859360_1661859360
.lijit.com/	1970-01-20 14:23:15	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/	1970-01-20 14:23:15	Name: ljt_reader Value: FO24pBZH6xtvluSYRCK66vHq
.serverbid.com/	1970-01-20 05:59:15	Name: CONSUMABLEID Value: 41118ec4e6c549c8918ec4e6c5d9c8f5
.doubleclick.net/	1970-01-20 14:59:15	Name: IDE Value: AHWqTUmWC9ImlIESRC93rZVsH6ccRrcU2jjq2uBtI3vcyfejTRhEFNykPXVBvgHmIZ4
.turtlediary.com/	1970-01-20 14:59:15	Name: __gads Value: ID=017cf80bd786211a:T=1661859361:S=ALNI_MZZP951g7wmN3houck_DUsK4ENfBQ
.quantserve.com/	1970-01-20 07:47:15	Name: d Value: EEMBCQH9JoEA
.quantserve.com/	1970-01-20 15:07:53	Name: mc Value: 630df622-4e803-f877f-ca40f
.uuidksinc.net/	1970-01-20 14:23:15	Name: jcsuuid Value: UbfeVHnT5CLY0tm9JCJR
fksnk.com/	1970-01-20 05:47:44	Name: AWSALBCORS Value: /aZ1VS7Ko1ePNFRUrP/8OLqdN2oN2TMc4a9YSwRGkc1dNjxv2FIYujU0y3WjRPoHh7hA2+AtlOzcuXByjoWAEJ0nr3NwsTG3wLvwejEyJGEaFY/u0phrUVS7V/t3
.fksnk.com/	1970-01-20 07:47:15	Name: f_001 Value: 4468DB56850745D7
.fksnk.com/	1970-01-20 05:39:05	Name: g_001 Value: 1
.zemanta.com/	1970-01-20 14:23:15	Name: zuid Value: qZgadsDwYo_2oqlsktG4
.adnxs.com/	1970-01-20 07:47:15	Name: uuid2 Value: 50711754162459423
.lijit.com/	1970-01-20 14:23:15	Name: _ljtrtb_273657 Value: 273657
.servenobid.com/	1970-01-20 05:47:44	Name: pid_327 Value: 7c7c2717-ce4a-4c61-9992-0b5cc4ab0123
.casalemedia.com/	1970-01-20 07:47:15	Name: CMPS Value: 5135
.yahoo.com/	1970-01-20 14:23:36	Name: A3 Value: d=AQABBCb2DWMCEO3iHo4Z8m-3RxBlDVlz64YFEgEBAQFHD2MXYwAAAAAA_eMAAA&S=AQAAAg3xA1wbON8zWuLF_85KfWQ
.servenobid.com/	1970-01-20 05:47:44	Name: pid_310 Value: FO24pBZH6xtvluSYRCK66vHq
.servenobid.com/	1970-01-20 05:47:44	Name: pid_312 Value: 50711754162459423
.analytics.yahoo.com/	1970-01-20 14:23:15	Name: IDSYNC Value: 17ot~26vn
.gumgum.com/	1970-01-20 14:23:15	Name: vst Value: e_2d6a8a89-342e-40e3-82c8-4fd05634b791
.servenobid.com/	1970-01-20 05:47:44	Name: pid_339 Value: y-Rr0egXNE2uH5CNZdSio.Zx7EgGs_q2Lr0lBj.wc-~A
.servenobid.com/	1970-01-20 05:47:44	Name: pid_337 Value: y-Rr0egXNE2uH5CNZdSio.Zx7EgGs_q2Lr0lBj.wc-~A
.rfihub.com/	1970-01-20 14:59:15	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MjE2MgIiSxNzcwNDc1NjIT5D3WSjgsJQy3Qf48KMMgDeLKRXJQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MjE2MgIiSxNzcwNDc1NjIT5D3WSjgsJQy3Qf48KMMgDeLKRXJQAAAA
.rfihub.com/	1970-01-20 14:59:15	Name: eud Value: H4sIAAAAAAAA_-sS5zU0MzO0MLU0NjMzsTAHACYnydoQAAAA
.emxdgt.com/	1970-01-20 06:20:51	Name: euid Value: 50801661859366508559f1
.casalemedia.com/	1970-01-20 05:39:05	Name: CMST Value: Yw32JmMN9iYA
.1rx.io/	1970-01-20 14:23:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-17409a6b-7d18-41e0-814a-a5c6c4ad9bb5-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.casalemedia.com/	1970-01-20 14:23:15	Name: CMRUM3 Value: 1a630df62605a0&08630df62605a00&f1630df62605a0&98630df62605a00&2d630df62605a0&27630df6260b40&11630df62605a0&e6630df6262760
.servenobid.com/	1970-01-20 05:47:44	Name: pid_309 Value: e_2d6a8a89-342e-40e3-82c8-4fd05634b791
.servenobid.com/	1970-01-20 05:47:44	Name: pid_324 Value: 5142336719710155790
.emxdgt.com/	1970-01-20 06:20:51	Name: eapn_id Value: 50711754162459423
.openx.net/	1970-01-20 14:23:15	Name: i Value: cefeb6e3-c1f1-40b8-ae09-4faf7f9927a5\|1661859366
.creativecdn.com/	1970-01-20 14:23:15	Name: u Value: kLM4dvYWRxcyUjIDYyJA
.creativecdn.com/	1970-01-20 14:23:15	Name: ts Value: 1661859366
.servenobid.com/	1970-01-20 05:47:44	Name: pid_333 Value: Yw32Jti5Yq9oyb-Glqj9ggAABKwAAAIB
.casalemedia.com/	1970-01-20 14:23:15	Name: CMID Value: Yw32Jv8Bq1LdL.qE.D5HswAA
.casalemedia.com/	1970-01-20 07:47:15	Name: CMPRO Value: 5135
.everesttech.net/	1970-01-20 14:23:15	Name: everest_g_v2 Value: g_surferid~Yw32JgAKNDhbOABC
.smartadserver.com/	1970-01-20 15:07:53	Name: pid Value: 3255878002942032043
.yieldlift.com/	1970-01-20 14:23:15	Name: xuids Value: eyJ4dWlkIjoiYjc4ZWQ1YjItYmVhNy00M2E0LTk4NGMtZmQzNDlhYTFhMGQ0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0zMFQxMTozNjowNi43NDQ3NloifQ==
.bidswitch.net/	1970-01-20 14:23:15	Name: tuuid Value: ca95b234-7d8d-460b-98f0-63c290e6bfd2
.bidswitch.net/	1970-01-20 14:23:15	Name: c Value: 1661859366
.bidswitch.net/	1970-01-20 14:23:15	Name: tuuid_lu Value: 1661859366
.id5-sync.com/	1970-01-20 05:37:39	Name: cf Value:
.id5-sync.com/	1970-01-20 05:37:39	Name: cip Value:
.id5-sync.com/	1970-01-20 05:37:39	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:37:39	Name: car Value:
.id5-sync.com/	1970-01-20 05:37:39	Name: gdpr Value:
.id5-sync.com/	1970-01-20 05:37:39	Name: callback Value:
.servenobid.com/	1970-01-20 05:47:44	Name: pid_317 Value: 3255878002942032043
.servenobid.com/	1970-01-20 05:47:44	Name: pid_314 Value: eyJ4dWlkIjoiYjc4ZWQ1YjItYmVhNy00M2E0LTk4NGMtZmQzNDlhYTFhMGQ0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0zMFQxMTozNjowNi43NDQ3NloifQ==
.disqus.com/	1970-01-20 14:23:15	Name: zeta-ssp-user-id Value: ua-2e5292c8-1d76-3ede-893d-48195ddccec1
.adfarm1.adition.com/	1970-01-20 07:47:15	Name: UserID1 Value: 7137631627541936277
.technoratimedia.com/	1970-01-20 15:13:39	Name: tads_uid Value: GDPR
.outbrain.com/	1970-01-20 07:47:15	Name: obuid Value: 00f78381-7fbc-4c14-b3b5-0e22f52fd2ec
.ipredictive.com/	1970-01-20 14:23:15	Name: cu Value: 9b226f8f-4cc0-4346-92e2-302f2f850fde\|1661859366913
sync.srv.stackadapt.com/	1970-01-20 14:23:15	Name: sa-user-id Value: s%3A0-1c406ebe-fe00-4789-4deb-d6edbb04d066.jTgfqxVxQQyzrzVrNkkLKUFzylTTTJX17IR21XzALFo
.srv.stackadapt.com/	1970-01-20 14:23:15	Name: sa-user-id-v2 Value: s%3AHEBuvv4AR4lN69btuwTQZsEbDhU.%2F8g3ulwNqCXMF9851as1dpWmmIk1W%2BOgdreFzwEKndQ
beacon.lynx.cognitivlabs.com/	1970-01-20 14:23:15	Name: UID Value: a83a2f5e-ae6c-46dd-8232-f58703962902
beacon.lynx.cognitivlabs.com/	1970-01-20 14:23:15	Name: ss Value: us52aJWucm83klggb1x44VVEnXOd5tarDOaNwiKjujBbsA4Z93gWJEPpIWWjFIfUWjQTF4hIAx7NxD%2ByIQB4Yg%3D%3D
.smartadserver.com/	1970-01-20 14:23:15	Name: csync Value: 135:TAM_OK
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8551\|Yw32G
.360yield.com/	1970-01-20 07:47:15	Name: tuuid Value: 04f9c826-ea95-402f-9735-74085eefe9a6
.360yield.com/	1970-01-20 07:47:15	Name: tuuid_lu Value: 1661859367
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: f588308cf57702d8
.amazon-adsystem.com/	1970-01-20 10:45:48	Name: ad-id Value: A1ZL7Foz20OQgB184OjG2Z4
.amazon-adsystem.com/	1970-01-20 15:13:39	Name: ad-privacy Value: 0
.mathtag.com/	1970-01-20 15:03:34	Name: uuid Value: f17f630d-f627-4100-a862-f297629c55a1
.casalemedia.com/	1970-01-20 07:47:15	Name: CMTS Value: 1209

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.turtlediary.com/(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dm0le9ta2f1vc.cloudfront.net/script.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.turtlediary.com/(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dm0le9ta2f1vc.cloudfront.net/script.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.turtlediary.com/(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.turtlediary.com/(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://qd.admetricspro.com/js/turtlediary/home-layout.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.turtlediary.com/(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://qd.admetricspro.com/js/turtlediary/cmp.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.turtlediary.com/(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://qd.admetricspro.com/js/turtlediary/prebid.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.turtlediary.com/(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://qd.admetricspro.com/js/turtlediary/engine.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dm0le9ta2f1vc.cloudfront.net/script.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dm0le9ta2f1vc.cloudfront.net/script.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dm0le9ta2f1vc.cloudfront.net/script.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid6.20.0-4.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dm0le9ta2f1vc.cloudfront.net/script.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid6.20.0-4.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3667980415a81f45328c5a4170e33ed7.safeframe.googlesyndication.com
ad.360yield.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidswitch-eu.splicky.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.id5-sync.com
cdn.indexww.com
cdn.turtlediary.com
cdnjs.cloudflare.com
cds.connatix.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
creativecdn.com
cs.emxdgt.com
dm0le9ta2f1vc.cloudfront.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
mp.4dex.io
nodeaws.turtlediary.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public.servenobid.com
qd.admetricspro.com
r.casalemedia.com
rtb-csync.smartadserver.com
rtb.openx.net
s.amazon-adsystem.com
s.uuidksinc.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
tag.1rx.io
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
turtlediary.com
um.wbtrk.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vid.connatix.com
visitor.omnitagjs.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.turtlediary.com
x.bidswitch.net
x.serverbid.com
x.yieldlift.com
capi-tier-2-us-east-2.connatix.com
code.jquery.com
imasdk.googleapis.com
um.wbtrk.net
103.229.205.242
104.111.215.191
104.18.18.126
104.18.19.126
124.146.215.49
13.248.245.213
141.148.45.191
141.226.228.48
141.95.98.67
142.250.186.98
142.250.74.194
147.75.85.234
151.101.130.137
151.101.194.137
151.101.66.49
152.199.20.123
159.89.246.130
162.19.138.119
168.119.168.202
18.156.0.31
18.156.32.70
18.184.125.137
18.192.150.185
18.205.75.24
18.66.97.42
185.184.8.90
185.255.84.152
185.86.139.101
185.86.139.115
192.132.33.46
193.0.160.129
198.148.27.140
198.47.127.19
198.47.127.22
209.54.182.161
213.19.147.42
213.19.147.44
23.111.151.121
23.205.235.133
23.35.236.247
23.47.208.212
23.75.240.210
2600:9000:223f:7400:1:efdc:4e00:21
2606:4700:10::6816:3556
2606:4700:20::681a:6da
2606:4700:20::681a:9a9
2606:4700::6811:180e
2606:4700::6812:272
2606:4700::6812:c4c
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a02:fa8:8806:20::2100
2a05:d018:d29:3605:a43d:cfec:dc69:3aee
3.210.193.120
3.229.251.39
3.231.251.159
3.72.120.129
3.92.9.222
31.220.27.134
34.247.233.198
34.248.206.77
34.95.69.49
34.98.64.218
35.169.131.238
35.227.252.103
37.252.172.123
37.252.172.250
38.91.45.7
51.38.120.206
52.2.126.119
52.204.206.216
52.212.200.243
52.223.40.198
52.28.203.152
52.57.12.251
52.59.71.86
52.71.211.74
64.74.236.63
65.9.71.118
69.166.1.10
69.173.144.138
69.173.144.139
70.42.32.31
72.251.249.14
8.43.72.98
85.114.159.118
92.123.21.200
99.86.4.25
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b10398fbe4d144a9ff0bae80b18a62ae1c4744b74344392923e2afd5a3bbc48
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca951c59281d7d5aec5e39ec7e692594187ebc5acbb82904b6473d3f7922f98
0d6271f6c1c509d78ee10f14174542be0db49486fe7c23201c1b517a063f578e
0dbea748cd27d89085b880816c4b0bc480cf1fc1b347468d008f3272ac07221c
1030fc8851425c20e532acd288aa03d709507bcd3d55367f980d55de309ead68
1c6bc9437ad433852a67980dcc243d11144706735505a7375108a18cbb1fc598
1c9aec4f2b8e548c9177d6710f4edf73f020c9a68f5ac7458fdd2895e337c42e
1d4ee19b918d965bcd79df0e57ea9b99e928e0302a09e534a587975126f2f920
1e501df799a3585e46d1ee32ab18e0d4b1e2dc85109e9bba45b1b76db430159a
1e6113fa95a41038fb32382334e134009323370c3d81fe93cb814df2e7a3b882
2035db0b019a7673dcaaf2c423ee7f2164d1bd54d71d69c85ad13a7b738ee136
205541a490bb02a734619166dbc224c3c37c66a387ea8a3f0e0a622a5ab9fd6d
2224fe26ae24310a1f78b4ff06be32ff8eab0a041fb96c1ba8ee0fed627b75db
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b6a20a52a3fc9be588d2a7bffee058f4336e48f1582bb9177821af323888fde
32bd2356e4f658c4e1709bb7bade6927b655e4c3feb635538673d38b97e0059b
334416c325a77993e33c282928a7f6b05d28c54ed5aaebfc9fd1614008c81ab7
35981b6766cb407cfcff7271ceff3057e9ad15da9a56bf9cac2dfe5bb9f5cf47
3a391531204b08a7df618242711d6c9dd419da1f3e156efcb0c784f386996d14
3b325dc4cc400ce5817dd28c5bfaabdce34e9e637f8a25840665055ead80d727
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4636f9de97f8fb6bb4b047765bc28efe8baf9e8fee333f78b127c543816818d6
467cb53d6936e5e9402ab0b891aa1cce6f3a0d474925440d11158c0730d2deed
4890ec8826894b4d58a2ac0857eacf719f4417ca54e595915fae5f0570dc2145
48b35b7bd62aa098dcccdcd0323caf2ae8ca0273ac6ae80e62a86bf0103e2a84
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4bb3c40a43446eab98cb29c3b7981dee8aa8be1be445fdcbf2e50067e39e6875
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d0644e2907fb452263b836128cfcd08881774d5394856fb62326cb21456f804
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
505fbdd965819f7e704b5749476d6ff9373347a21684ee7fd43b41406ba95ee3
50696977642f55d63c9abe745bb931ceb1f132242accd9afc4249f340302883d
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2
53687e4ae8005f36a979037115ea1bee8ada96a1fa467c175071912bb431b644
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
580862e36ae2250047584533ef0a3cedeb941bfce494888f4998ca3024a27604
582875c2460910782c8c8c60ca682ccc29e581f10beb6d3d6f781789fe23ff62
5871778f6ee047af0d2aa445d97b568e374fab1f88da69e5f1041939f3474fc4
59617143549980e1251db4886467b59693549fdfee7fb6e63490c4fd3485ce02
5ab5df89c99435090a4fc5b31ac41d5d520deafabc93a2c20f1d4bc7034042b2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f5ea9437798f017c4ecfa19b98617e4a2a07e49402a520b9d6eda8e5e7a2309
6279b0a9b0b726dea78e23ea4489a5454b243f9f5520169cee39b9a424cc8ccd
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea
66be9f44d52117bba411612fe7ab3f66b6c30ea28db10b8e4c0dd035f7dce6cc
68fb114544676a7ff3da526d1c5944d17659f972759f4d6712dc03989ca078a0
6935aeb7ce0d9da986f062094e9d6fe081cd13f29517c42bd770b72e551895b9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32
722fefa695bdf5a6a1b6c2e6f0fda474edbf575098f18310f69e4540ead991df
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
7479d4ef40ffd56d5fa5dce55e300b60785d624df0f763a780f82002b3483d9a
74f43d2382f98d0dc87ca776afb2223d2df5d11e7ed7bc4e41dfc700c263b6e6
781a26644f200441299dd3f071392c63fcf15cab6a77f699936866a2b9d6c883
78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4
7b08eca7e48d4cdb0c939b874869d7e2f404de6328519c758e70301cffb01afd
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
82b1ac7bac4f54d30e2a421e5bc0a1e9fc338eb18acb299f0edd64462daf9cf7
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84655379562b78b8ceaad516ea420fd1a7fa635689478374b493302fbed0ffde
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2e2fb6f3fb55c6e082d8761acce94483842596ef9cbcf2792290ed07e9a314
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c51666dc597f3c00d8b96c9cdcea12f28b4add101103868b0df81fbaa0b069f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
9094ec434576a0f54487e7576a0c577c9716ac652a76e40dcfab3637f6a4b2aa
92033b58253abb0529325a307ee85442a1fdea546a274288480595391784a510
94250919b0ff8ec072aa2503949b2aa0d54064c771413d59f9e688f4edff260d
953eff9ab0eb40b8c203e6aaf624ffb713a696b07d611ad7fa78d4373d55308d
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99ff24f75b4bfc2b9efa57f859eb63434ffc42ca2d5f6253ef60d14f72043ad1
9a7e2f2daef118825ab8bb58bc3cd9dbb3c83cb84772a08f6c5758d706fef173
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c5eab6657a64c3738f572154f23d884c4d15da744a4eea7f6cc0d4a942d2bd9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a434845061ab9f9342679399368a6b04a447068acfa407e8a6e316ee71a9e15c
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ee1ee672866c689ca31e8c8ed157d602f67f0e25125cadebff402152a5f0e4
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a26b8135736404f185ffee33d6e5e1f58bddb55206e5880c41ac662f25a5c3
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a9ffbab2d89c48fa501a00c4ca9cbd4ec46eb3fb2c3db797a053425d890feed0
aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101
abb60e7cf9f019236835676934158d2c4ab822b64e56b9afa627bde68c0e4a5b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b886a752090d608a97e591463d5d26c58c9871ae59eec813e86fb8b2e0f4951e
b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699
bad4155111cfa8d146fe8dcdcf3935651d730dfd8fc67550c14f8ae8fe41bb69
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf49e27fc683ba28a41f55094272531e6b8375d5c37e90392a671f5c551a2888
bfff50bcb36b80b74e247520c693eb6fb98acf98846ec881bee58f40621bad04
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c561d7fffec8bd07961d6d60c7be2d27f6898d162b603329254f6dcef7394d53
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c9c48bbf1a2d7eef0e21de8b0024c680ce39da23fa6d375622a0e058e6d9b4d2
ca3fd93b9e357a5b1eab3d7ef9f08092aaa0bedd9cfd0a44a4b8dd8442d71711
cfdf39f9929a41d5c797c60c9f2c5d4d1361d7f522336a7fff5171351e8c06ab
d037ba3209044db2ccff64a55106d5e69f4f0e4b78429fcdf1ca12936edb519e
d2531c060499a31d29528942642ecaf731ca7d26f8c2ffe3b9aba20f79a51419
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d30c6e1404518a06afa28827e3a6e8b0366bcf81b04a3c92215a04092b303bd2
d6cb3641a88d23be3e45023d313bfd54dd3640a4bfe07b3b88d63e3fba328d19
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfb95277447e40b12c0841ece47ecc7b56e0e596e2ba986c31fb09db7d76c844
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62a00258a2118faad7754b5c5c19174124e4b2ec83a330bd5f9515c19529b94
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea63f459f94ada608a16ba2f78f60ff25369c53ea9ec652068a10fd508045be2
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eacd6f9fb90913a5ca306a9892074cfbf833c7818d0280fb03b02a11540d38b0
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eed80dfe398c646f792fa412f76ba7a538d1b784c851b5aaddd07a9fe948eb01
f1e15b14e81404fef6d664d9c1cbbbac696e3c7e61a91be65191197518140631
f4a9c7e802b59da407d928f885788fca893d1e025169c9c2e32806143c23fdc0
f60e27beae5e9a24ea8ed0d3873df32ff43600cef161c320ec199c714bc79420
f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9a10012eb69419243defffa007806bdfe0ae259bc68394458ea6bcfdf806c1a
fb0804bac34ff93677c0caf83c0b156f58e81b5958d50756f2c065da6e8b237f
fbb90307b405341490aac22199b3cb709ba27d6659a83d18c8bf42ccb912a29a
fc76ad27ec124c4daa115980a9bea11d31252e3f7a580b455e5578f90a2ef98d
fcbabccaea79a3c9d12177851138a270b4a0cfbcdddc24b0c68ee238f53d16a5
fdf89d1a74034d42ce15ca995a045aa9a3dac6a12209cba90445d6a0ca2368d5
ffe461772c4b9ad4357f0c9b843d14199091bacacca645bf0a38a9bee0f8ce05

www.turtlediary.com Open in urlscan Pro 152.199.20.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

244 Requests

80 %HTTPS

24 %IPv6

72 Domains

114 Subdomains

74 IPs

9 Countries

2505 kBTransfer

6755 kBSize

77 Cookies

0 Outgoing links

Page URL History

Redirected requests

244 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.turtlediary.com Open in urlscan Pro
152.199.20.123 Public Scan

Screenshot
Live screenshot

Full Image

244
Requests

80 %
HTTPS

24 %
IPv6

72
Domains

114
Subdomains

74
IPs

9
Countries

2505 kB
Transfer

6755 kB
Size

77
Cookies

244 HTTP transactions
0 data transactions