turkeypetrolerri.online Open in urlscan Pro
172.67.148.186 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://turkeypetrolerri.online/
Effective URL:
https://turkeypetrolerri.online/
Submission: On July 08 via api (July 8th 2024, 3:17:25 pm UTC) from TR — Scanned from DE

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 52 HTTP transactions. The main IP is 172.67.148.186, located in United States and belongs to CLOUDFLARENET, US. The main domain is turkeypetrolerri.online.
TLS certificate: Issued by WE1 on July 5th 2024. Valid for: 3 months.

This is the only time turkeypetrolerri.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	172.67.148.186 172.67.148.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	104.18.24.205 104.18.24.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:217... 2600:9000:2176:5e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
52	13

5 172.67.148.186 (United States)

ASN13335 (CLOUDFLARENET, US)

turkeypetrolerri.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 104.18.24.205 (None, )

ASN13335 (CLOUDFLARENET, US)

c.tadst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2176:5e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

84ccd868fbf7dc5eb7ba733ab9d75982.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	tadst.com c.tadst.com — Cisco Umbrella Rank: 60878	82 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 279 ad.doubleclick.net — Cisco Umbrella Rank: 215	177 KB
5	turkeypetrolerri.online turkeypetrolerri.online	398 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 84ccd868fbf7dc5eb7ba733ab9d75982.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 211	19 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1620	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2321 pixel.quantserve.com — Cisco Umbrella Rank: 1666	10 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1597 api.btloader.com — Cisco Umbrella Rank: 1817	19 KB
1	google.com www.google.com — Cisco Umbrella Rank: 10
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 2117	2 KB
52	9

	Domain	Requested by
29	c.tadst.com	turkeypetrolerri.online c.tadst.com
5	securepubads.g.doubleclick.net	turkeypetrolerri.online securepubads.g.doubleclick.net
5	turkeypetrolerri.online	turkeypetrolerri.online
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	ad-delivery.net	turkeypetrolerri.online
1	www.google.com	tpc.googlesyndication.com
1	84ccd868fbf7dc5eb7ba733ab9d75982.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	turkeypetrolerri.online
1	rules.quantcount.com	secure.quantserve.com
1	ad.doubleclick.net	turkeypetrolerri.online
1	api.btloader.com	btloader.com
1	secure.quantserve.com	turkeypetrolerri.online
1	btloader.com	turkeypetrolerri.online
52	14

This site contains no links.

Subject Issuer	Validity	Valid
turkeypetrolerri.online WE1	`2024-07-05` - `2024-10-03`	3 months	crt.sh
c.tadst.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-24` - `2024-08-23`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://turkeypetrolerri.online/
Frame ID: AEF8F691D5DBC67EAA2BCB0B9FD82863
Requests: 48 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 17EF8288A96C20BA3291A65EAB382F8F
Requests: 1 HTTP requests in this frame

Frame: https://84ccd868fbf7dc5eb7ba733ab9d75982.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CE0AD91034D8AA4CC00DEED3238929B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 45A0F39C696CF9A9AEF794C5C08C708B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2B92C41A0A60571139FFAB4F4AF629B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Current Local Time in Denizli, Turkey

Page URL History Show full URLs

http://turkeypetrolerri.online/ HTTP 307
https://turkeypetrolerri.online/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

52
Requests

100 %
HTTPS

46 %
IPv6

9
Domains

14
Subdomains

13
IPs

3
Countries

707 kB
Transfer

1356 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://turkeypetrolerri.online/ HTTP 307
https://turkeypetrolerri.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
turkeypetrolerri.online/
Redirect Chain

http://turkeypetrolerri.online/
https://turkeypetrolerri.online/

87 KB
18 KB

281ms
199ms

Document
text/html

172.67.148.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.148.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfd6b7faea18715c35ccc9e6dee5c18778bc3f231e86e4ec82a020024e5a24a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a010a667ade3a9d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 15:17:21 GMT
expires: Mon, 08 Jul 2024 15:17:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UpAG21AK407NaGGIMYMKCz0IEOOmW0OocS%2BNCJwFLw0qrLepYyVifFxyMGue%2Bz23ity%2FHkE%2B%2B%2ByctRUqngRJeLYpFg1KUGipcVb8BGiTsv7u4dQf%2FNkxZ6SY%2FN6ECOy%2FkMMRXcTbqkIOeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://turkeypetrolerri.online/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 iconfont.woff2@v8
turkeypetrolerri.online/lander/white-tr-mesmero2/ 5 KB
6 KB 76ms
76ms Font
application/octet-stream 172.67.148.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://turkeypetrolerri.online/lander/white-tr-mesmero2/iconfont.woff2@v8

Requested by

Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.148.186 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef4479b867b50cb063a81ff5d78c68ca95b732ef59591375cdecc79d1a57a958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://turkeypetrolerri.online/
Origin: https://turkeypetrolerri.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628eba1-15a0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2FFoN6%2BVuVWcw9uxY6nZbg3E59MZnnFHP07iL2YA0Pb3hFn3drb8HH3xqyPqZnMffBtEpRRpE3KcgF8QHTxojPa7UIXBTuUjaTal5ZXRGdKMnQ92c0IoCSyjXSxotzsT05fN8MjWKdbtfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8a010a680cef3a9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5536

GET
H3 200 global_31.css.br
c.tadst.com/com/common/ 80 KB
18 KB 271ms
187ms Stylesheet
text/css 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/global_31.css.br
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c10f32ac3cf1d4e831179577e732883d99e9215405c0f3506847ebc5687351

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 30 Apr 2024 10:15:45 GMT
server: cloudflare
vary: Accept-Encoding,Origin
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a010a688c3bb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 17967
expires: Mon, 22 Jul 2024 15:17:21 GMT

GET
H3 200 prebidtad.reg.desk_3.js.br Show response
turkeypetrolerri.online/lander/white-tr-mesmero2/ 371 KB
371 KB 102ms
100ms Script
application/octet-stream 172.67.148.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://turkeypetrolerri.online/lander/white-tr-mesmero2/prebidtad.reg.desk_3.js.br

Requested by

Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.148.186 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04f51db40dc1ecb0d0661e836432a08de8e5c2556e24c20d179c547c5d6a30f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628eba1-5cb6e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EXgIBUEdCJOhYpds8CW9TUvum%2B8cnzqfryxvdXMkFCIXDJ2LMJg8ETpzKWL9M9xwbH3oM2VRbMPtmLxb7dAuh%2F74XxQbXzDwwteYY9wyWXjdlayZW1SiXt922mJlpwnL4GC7e0ohCs%2BMbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8a010a680cf93a9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 379758

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
31 KB 163ms
79ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

abb2128f302aeffebae42fece5d2e262b01fa933b6ead7183d7e91a3a1738381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31286
x-xss-protection: 0
server: cafe
etag: 628 / 19912 / m202407020101 / config-hash: 17426915506310892404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jul 2024 15:17:21 GMT

GET
H2 200 tag Show response
btloader.com/ 55 KB
19 KB 140ms
52ms Script
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5174239513018368&upapi=true
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfac83eb8b84117970a7ab50846917c73d922bef5862c3cb46bc2cf2b27eceee

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 14:48:32 GMT
server: cloudflare
age: 1725
etag: "5b63c43357912321305eb27e5f39f5b1"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8a010a68a95471ac-FRA
content-length: 18695

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 253ms
46ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 15 Jul 2024 15:17:21 GMT

GET
H3 200 tpl_banner_22.css.br
c.tadst.com/com/common/ 9 KB
2 KB 143ms
59ms Stylesheet
text/css 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/tpl_banner_22.css.br
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09db698e1c40227a81ec4886e65dcc230b544324c7981cd203b5455058a7476f

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jan 2024 10:09:18 GMT
server: cloudflare
age: 1131207
vary: Accept-Encoding,Origin
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a010a688c3eb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 1536
expires: Mon, 22 Jul 2024 15:17:21 GMT

GET
H3 200 citypages_53.css.br
c.tadst.com/com/common/ 10 KB
3 KB 182ms
97ms Stylesheet
text/css 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/citypages_53.css.br
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3140d841459c7dc7b848d1ddc37c07120d8b2558decb24450b0c4aa9d1d2d866

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jan 2024 10:09:22 GMT
server: cloudflare
age: 1131207
vary: Accept-Encoding,Origin
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a010a688c3fb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 2738
expires: Mon, 22 Jul 2024 15:17:21 GMT

GET
H3 200 city_overview_26.css.br
c.tadst.com/com/common/ 12 KB
3 KB 143ms
58ms Stylesheet
text/css 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/city_overview_26.css.br
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d17e6d55bf3d47e1932a1bafbe4f9a6737e79e982c38dfc2981cad4918d59e2

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jan 2024 10:09:15 GMT
server: cloudflare
age: 1130846
vary: Accept-Encoding,Origin
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a010a688c45b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 2921
expires: Mon, 22 Jul 2024 15:17:21 GMT

GET
H3 200 tr.png
c.tadst.com/gfx/n/fl/48/ 861 B
1 KB 113ms
111ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/fl/48/tr.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5571293335b57878844fbad3aea3f8af9e9909f90f00249b6f0b676e86a01333

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Sep 2015 22:17:25 GMT
server: cloudflare
age: 1129795
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecbdb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 861
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 tr-10.png
c.tadst.com/gfx/citymap/ 7 KB
7 KB 141ms
58ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/citymap/tr-10.png?9
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7f8f2d1ccc10a6e92fc58f6818f26ab3385765b92f46b84678f739c5cc31a6

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2016 13:41:05 GMT
server: cloudflare
age: 1129795
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a688c3cb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 6939
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 icon-map-pin.png
c.tadst.com/gfx/n/icon/ 441 B
650 B 71ms
69ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/icon/icon-map-pin.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa052601ef12ee9562dfc62b446d1a8a3ebad33ed9e9108bf0675f3a09ef7b65

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jan 2015 02:07:33 GMT
server: cloudflare
age: 1145794
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecbeb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 441
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wt-7.svg
c.tadst.com/gfx/w/svg/ 2 KB
803 B 114ms
112ms Image
image/svg+xml 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/w/svg/wt-7.svg
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3e3c9a4c1c88c2490b22a3c2811657ca2ba50e38426ae5bbc985e8bf19f33c

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Feb 2020 15:57:01 GMT
server: cloudflare
age: 1146335
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecc0b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 581
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wt-2.svg
c.tadst.com/gfx/w/svg/ 2 KB
790 B 114ms
112ms Image
image/svg+xml 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/w/svg/wt-2.svg
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d160e1776e304d37c9c2b636563d7dfce97d3a4db4ed05025c7c9df951ae058

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Mar 2020 11:44:13 GMT
server: cloudflare
age: 1146336
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecc2b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 568
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wc-tmz.png
c.tadst.com/gfx/n/i/ 987 B
1 KB 187ms
103ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-tmz.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a0dddcb62bcc681f8cda02134c3216e93ec701bfcb19adbf311935600eacb8f

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
server: cloudflare
age: 1144360
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a688c42b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 987
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wc-nodst.png
c.tadst.com/gfx/n/i/ 717 B
926 B 114ms
112ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-nodst.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c00280650f672626c573272512b1ccb326c2a8bc16ee87b1c41ca88f7f80da94

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jan 2015 02:07:09 GMT
server: cloudflare
age: 1144236
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecc4b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 717
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wc-dff.png
c.tadst.com/gfx/n/i/ 716 B
925 B 73ms
71ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-dff.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5aa51ea20ae2ea52cd995c3dd0002e1bf9d8d014a72f8d7b519a1adf673522a

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jan 2015 02:07:06 GMT
server: cloudflare
age: 1144360
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecb1b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 716
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wc-snr.png
c.tadst.com/gfx/n/i/ 469 B
678 B 73ms
72ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-snr.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8138b7a7a9081c3cfe1a7c96f85f4d92b6e66f55700356dec892b8e28509b44

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
server: cloudflare
age: 1144360
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecb3b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 469
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wc-sns.png
c.tadst.com/gfx/n/i/ 466 B
675 B 90ms
89ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-sns.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9aa1e94039ec3e2d657e3dc598c5ba7f67fb68a48e330fd9832b3cb50f949f0

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
server: cloudflare
age: 1144360
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecb5b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 466
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wc-dln.png
c.tadst.com/gfx/n/i/ 607 B
816 B 115ms
113ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-dln.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7690fe188596a70bfd1cf255a78a79947dcba2e9cc46481cef75db835ee38fa3

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jan 2015 02:07:08 GMT
server: cloudflare
age: 1144360
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecc5b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 607
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 moon.php@m=1&i=0.998&p=3.845&r=0.266
turkeypetrolerri.online/lander/white-tr-mesmero2/ 1 KB
2 KB 69ms
68ms Image
application/octet-stream 172.67.148.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://turkeypetrolerri.online/lander/white-tr-mesmero2/moon.php@m=1&i=0.998&p=3.845&r=0.266

Requested by

Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.148.186 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541a25ed4f2a16dbfae243dd9885cc998b09649e06d37b318e732f92c637fe01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628eba1-4e7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NbpWL8Or8eyfl4Q%2Bjb9tEGYSk53Uiece7L3t7pHHX3%2BVfdZ%2FsFNCR%2Fz2V7%2FAbkS%2FRjciQTTOX9P9o%2FOa6gos%2FDhAiTlW%2FL1Fl9j%2FtPT24vGoK1l9rgLTwF%2F6CYGgPctLtWqXSlVemnyGPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8a010a682d253a9d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1255

GET
H3 200 wc-clc.png
c.tadst.com/gfx/n/i/ 457 B
669 B 116ms
113ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-clc.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b342157b6e91ecd217341928d5fe8b2b723aabfd9a9cadbbb8c1094b250ef12d

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jan 2015 02:07:04 GMT
server: cloudflare
age: 1144360
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecc7b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 457
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wc-cal.png
c.tadst.com/gfx/n/i/ 423 B
632 B 116ms
114ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-cal.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0fd4c6fc5db5f1ea9fe9eba9ad25901cd6c38964915f235ebbf02332a0128e

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jan 2015 02:07:02 GMT
server: cloudflare
age: 1144360
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecc8b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 423
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wc-nrb.png
c.tadst.com/gfx/n/i/ 426 B
635 B 117ms
114ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-nrb.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2a5fc560c5b46a79385b2c425fccfdb13808281bc2fa3ab7f4960ea597561ce

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
server: cloudflare
age: 1144360
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68ecc9b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 426
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 logo-2021--horizontal-inverted-darkbg.svg
c.tadst.com/gfx/n/logo/ 3 KB
1 KB 118ms
116ms Image
image/svg+xml 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/logo/logo-2021--horizontal-inverted-darkbg.svg
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 297cd8b0fe160762ae89400620fd42a099b16af38aeceae08e7c48b681313e0e

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 May 2023 07:30:21 GMT
server: cloudflare
age: 1146336
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68eccab5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 1112
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 tr.png
c.tadst.com/gfx/n/fl/128/ 2 KB
3 KB 120ms
117ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/fl/128/tr.png
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 876dc1a0b2578479bb9c086e503dd0ea5bb9d5fabef5302419ceadde930d2727

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Jul 2015 22:20:13 GMT
server: cloudflare
age: 1113585
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a68eccbb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 2366
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 wcommon_27.js.br Show response
c.tadst.com/com/common/ 51 KB
21 KB 74ms
72ms Script
application/javascript 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/wcommon_27.js.br
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077572536e8c66c7d44492376cc4d7f749633ed420bebdd00bdddfc4971539c4

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2024 07:42:26 GMT
server: cloudflare
age: 1101569
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a010a68ecb7b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 20953
expires: Mon, 22 Jul 2024 15:17:21 GMT

GET
H3 200 togglefullscreen_11.js.br Show response
c.tadst.com/com/common/ 2 KB
1 KB 91ms
89ms Script
application/javascript 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/togglefullscreen_11.js.br
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d6c1eb6129a6eda2d6622390def01b906dba2a1fafc75beed913ea76b0813b2

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2024 07:42:02 GMT
server: cloudflare
age: 1130846
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a010a68ecbab5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 1012
expires: Mon, 22 Jul 2024 15:17:21 GMT

GET
H3 200 classonhover.js Show response
turkeypetrolerri.online/lander/white-tr-mesmero2/ 1 KB
1 KB 59ms
57ms Script
application/javascript 172.67.148.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkeypetrolerri.online/lander/white-tr-mesmero2/classonhover.js
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.148.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11477603ff1a8a307c02a1463df2d4a3da182b85a15bedd5e0e557733de17401

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28554
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
server: cloudflare
etag: W/"6628eba1-5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N8XUEX9trJI1xgxUvv5U1sk%2BrCpwO3Rc9uJh%2BR6jzOazVdnUU3rMmxMOvFyQTt4u100vtAKz7ddNPT%2Bn6usG1K0hoz%2FmdFMLXvZm356h6aAblQAz2UffUu0tbHPc310dbzKLIa1GkJ14Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8a010a682d1d3a9d-FRA
expires: Thu, 18 Jul 2024 07:21:27 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 243ms
153ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5174239513018368&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 15:17:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
914 B 145ms
52ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 320938
x-guploader-uploadid: ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfGdstWVixLVU775fuYoGXWKKC2sILaqjpBa3HqT35XdHPd7Dw5GC00LNw2TEkTI1GJJZXvSR9vWYwgzugqK6iElmM2JJxKq6mQNNUb8KJhLKFAN0WlSpo4y98TyatCWEoSmkjZMAo5BrXgk7w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8a010a69ac9d9220-FRA
expires: Thu, 04 Jul 2024 23:05:42 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 92ms
40ms Image
image/x-icon 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Jul 2024 14:24:09 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
338 B 148ms
56ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.18972283438514492
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 320938
x-guploader-uploadid: ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5n%2BHVJnhMpGzXSKDYsUzjU3P8MOoL9nnCDxg16gQr9bNv9%2FLu14RjsV3IqYTBZRobBhMTmhKMhr7Xe0jLNWQTtK62W8%2BSMo1JSKYkrS9xRneXwAk29TrAJmNB4hJwK239ehqWszopwOClVE7Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8a010a69ac9a9220-FRA
expires: Thu, 04 Jul 2024 23:05:42 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/ 467 KB
145 KB 44ms
43ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 12:28:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10133
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148860
x-xss-protection: 0
server: cafe
etag: 3071004405367439963
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 08 Jul 2025 12:28:28 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 71 B
72 B 267ms
187ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=turkeypetrolerri.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

5f769ae744006105bd03d79005f3bd722a6a5ce45aa44f631d0495fe1444df87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
x-xss-protection: 0
expires: Mon, 08 Jul 2024 15:17:21 GMT

GET
H3 200 banner--2023.svg
c.tadst.com/gfx/n/ 2 KB
1 KB 61ms
61ms Image
image/svg+xml 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/banner--2023.svg
Requested by: Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a03058e53c7d4a03d7348a052995ff28c6577433179cbfd930d4d6bb6efa406

Request headers

Referer: https://c.tadst.com/com/common/global_31.css.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Sep 2023 13:28:14 GMT
server: cloudflare
age: 1145916
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a69ce2cb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 865
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 logo-2021--vertical-color-whitebg.svg
c.tadst.com/gfx/n/logo/ 8 KB
4 KB 63ms
63ms Image
image/svg+xml 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/logo/logo-2021--vertical-color-whitebg.svg
Requested by: Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33acb319f8f8a4cf1d577a5723a232ceb2739d041eb363eb61b357b907ba69a

Request headers

Referer: https://c.tadst.com/com/common/global_31.css.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 Sep 2021 10:22:46 GMT
server: cloudflare
age: 1145916
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a69ce2eb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 3481
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H2 200 rules-p-8QLn8vj66GL9W.js Show response
rules.quantcount.com/ 4 KB
2 KB 170ms
48ms Script
application/javascript 2600:9000:2176:5e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8QLn8vj66GL9W.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2176:5e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae04a82151b0dbf40cb7c3853cb4e75761e22973b9d0d0bfe3dd8da5fee5b69

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 14:55:17 GMT
content-encoding: gzip
via: 1.1 ff0fbc4f8c024957cfa0b6c32973a7b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
age: 1325
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 02 Nov 2022 13:45:25 GMT
server: AmazonS3
etag: W/"413808edb2d8489603e145cf44d200ee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: JSAXrvqzB7p6s4T2CxbQC4D3f1ifIrHgnBUCic6VdCv81c-u6cXByA==

GET
H3 200 spr-footer-social.png
c.tadst.com/gfx/n/i/ 2 KB
3 KB 67ms
66ms Image
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/spr-footer-social.png
Requested by: Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c56d84fe8a6c731b232b702f3ad71e643adc1fc118892b9834697d218aa1a0

Request headers

Referer: https://c.tadst.com/com/common/global_31.css.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 09:22:39 GMT
server: cloudflare
age: 1146335
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a6a0e8bb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 2451
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 service__supporter.svg
c.tadst.com/gfx/n/i/ 964 B
719 B 64ms
64ms Image
image/svg+xml 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/service__supporter.svg
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de07b9af64229d0697f40ad1a422f3ef7ac84cbb1e89ed8116a2a6d5f3e3d94

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 15 Jun 2018 08:21:10 GMT
server: cloudflare
age: 1145916
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a6a1e96b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 497
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H3 200 logo-2021--horizontal-color-whitebg.svg
c.tadst.com/gfx/n/logo/ 8 KB
4 KB 64ms
64ms Image
image/svg+xml 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/logo/logo-2021--horizontal-color-whitebg.svg
Requested by: Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61b74e87662c8856f5d3bf3f8ae9f6f3405d76a6ba5df3815f548dd0f0f3f36d

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Sep 2021 08:12:11 GMT
server: cloudflare
age: 1145916
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: public, max-age=10000000
accept-ranges: bytes
cf-ray: 8a010a6a1e98b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 3515
expires: Fri, 01 Nov 2024 09:04:01 GMT

GET
H2 200 pixel;r=1573073114;rf=0;a=p-8QLn8vj66GL9W;url=https%3A%2F%2Fturkeypetrolerri.online%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-256398676-172045184155...
pixel.quantserve.com/ 35 B
455 B 71ms
49ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1573073114;rf=0;a=p-8QLn8vj66GL9W;url=https%3A%2F%2Fturkeypetrolerri.online%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-256398676-1720451841551;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=turkeypetrolerri.online;dst=1;et=1720451841724;tzo=-120;ogl=image.https%3A%2F%2Fwww%252Etimeanddate%252Ecom%2Fscripts%2Fcityog%252Ephp%3Ftitle%3DCurrent%2520Local%2520Time%2520in%2Cimage%3Awidth.1366%2Cimage%3Aheight.738%2Ctype.website;ses=fece03df-ca7d-43fd-a071-daf23b194bc8;mdl=

Requested by

Host: turkeypetrolerri.online
URL: https://turkeypetrolerri.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 15:17:21 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 17EF 0
0 121ms
41ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turkeypetrolerri.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28552
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 15:07:38 GMT
expires: Mon, 08 Jul 2024 15:57:38 GMT
last-modified: Mon, 01 Jul 2024 19:44:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 favicon-32x32.png
c.tadst.com/ 741 B
958 B 76ms
75ms Other
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3323913991aeb916043c96187df36e4e4b6d59ef4349f7efbc5465089a04009b

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:22 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Sep 2023 18:39:47 GMT
server: cloudflare
age: 6223
etag: "2e5-60519a69bf3c6"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a010a6c69e2b5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 741
expires: Mon, 08 Jul 2024 19:17:21 GMT

GET
H3 200 favicon-16x16.png
c.tadst.com/ 456 B
673 B 66ms
66ms Other
image/png 104.18.24.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/favicon-16x16.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5164076595a480f57d530a850655617e7f1cfa896856492efdc28f52c8a42627

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:22 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Sep 2023 18:39:47 GMT
server: cloudflare
age: 861
etag: "1c8-60519a69b76ad"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a010a6cea5fb5fd-WAW
alt-svc: h3=":443"; ma=86400
content-length: 456
expires: Mon, 08 Jul 2024 19:17:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 170ms
91ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

dfbebbd4484eef9642d393394bfd128f2c34157bf32c76780f707821021e03b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12606
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
469 B 407ms
407ms Fetch
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=597683240643850&correlator=2825185570195703&eid=44809527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407020101&ptt=17&impl=fifs&iu_parts=1004254%2Ctadcom_300x600%2Ctadcom_970&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%7C300x250%7C160x600%7C120x600%2C970x90%7C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1720451844608&lmt=1720451844&adxs=1284%2C430&adys=338%2C10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fturkeypetrolerri.online%2F&vis=1&psz=300x11%7C970x-1&msz=300x0%7C970x-1&fws=512%2C512&ohw=0%2C0&ga_vid=831641914.1720451845&ga_sid=1720451845&ga_hid=975783671&ga_fc=false&topics=1&tps=1&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720451841261&idt=392&cust_params=ab%3Db%26hr%3D10%26ut%3Ds%26art%3D3712%26si%3D1&adks=686471698%2C2541254599&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

bf07022d3a8e88e4874e7c8c778730703fe8bf8335c7a303768ca7096736efc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 438
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://turkeypetrolerri.online
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
84ccd868fbf7dc5eb7ba733ab9d75982.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CE0A 0
0 205ms
69ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84ccd868fbf7dc5eb7ba733ab9d75982.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turkeypetrolerri.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 15:17:24 GMT
expires: Mon, 08 Jul 2024 15:17:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 148ms
49ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turkeypetrolerri.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jul 2024 15:17:24 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 45A0 0
0 144ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turkeypetrolerri.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 7835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 13:06:50 GMT
expires: Tue, 08 Jul 2025 13:06:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 2B92 0
0 140ms
50ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m5eLXP9A2SRz520vTEGj5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://turkeypetrolerri.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-m5eLXP9A2SRz520vTEGj5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 15:17:25 GMT
expires: Mon, 08 Jul 2024 15:17:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.quantserve.com/	1970-01-21 07:24:26	Name: mc Value: 668c0301-bb9ff-7cda4-cfa19
.turkeypetrolerri.online/	1970-01-21 07:18:40	Name: __qca Value: P0-256398676-1720451841551
.doubleclick.net/	1970-01-20 21:54:12	Name: test_cookie Value: CheckForPermission
.turkeypetrolerri.online/	1970-01-21 07:15:47	Name: __gads Value: ID=f86621f3f132c90b:T=1720451844:RT=1720451844:S=ALNI_Mb4ihhkMEgIFqFhiFjn7cxusmdDOg
.turkeypetrolerri.online/	1970-01-21 07:15:47	Name: __gpi Value: UID=00000e77e98799d7:T=1720451844:RT=1720451844:S=ALNI_Mb_nMAWKMJw74qK7UP0Tb7FFC7jdQ
.turkeypetrolerri.online/	1970-01-21 02:13:23	Name: __eoi Value: ID=71a730a8362afa1d:T=1720451844:RT=1720451844:S=AA-AfjYyvpxvXpIo6gg5KN0TsWTM

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://turkeypetrolerri.online/ Message: Refused to execute script from 'https://turkeypetrolerri.online/lander/white-tr-mesmero2/prebidtad.reg.desk_3.js.br' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

84ccd868fbf7dc5eb7ba733ab9d75982.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
c.tadst.com
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
turkeypetrolerri.online
www.google.com
104.18.24.205
130.211.23.194
142.250.185.66
142.250.186.100
142.250.186.130
142.250.186.38
172.67.148.186
2600:9000:2176:5e00:6:44e3:f8c0:93a1
2606:4700:10::6816:4bd8
2606:4700:20::ac43:4513
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:81c::2001
2a00:1450:4001:830::2001
04f51db40dc1ecb0d0661e836432a08de8e5c2556e24c20d179c547c5d6a30f8
077572536e8c66c7d44492376cc4d7f749633ed420bebdd00bdddfc4971539c4
09db698e1c40227a81ec4886e65dcc230b544324c7981cd203b5455058a7476f
10c56d84fe8a6c731b232b702f3ad71e643adc1fc118892b9834697d218aa1a0
11477603ff1a8a307c02a1463df2d4a3da182b85a15bedd5e0e557733de17401
1d6c1eb6129a6eda2d6622390def01b906dba2a1fafc75beed913ea76b0813b2
297cd8b0fe160762ae89400620fd42a099b16af38aeceae08e7c48b681313e0e
2f0fd4c6fc5db5f1ea9fe9eba9ad25901cd6c38964915f235ebbf02332a0128e
2f7f8f2d1ccc10a6e92fc58f6818f26ab3385765b92f46b84678f739c5cc31a6
3140d841459c7dc7b848d1ddc37c07120d8b2558decb24450b0c4aa9d1d2d866
3323913991aeb916043c96187df36e4e4b6d59ef4349f7efbc5465089a04009b
4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5
5164076595a480f57d530a850655617e7f1cfa896856492efdc28f52c8a42627
541a25ed4f2a16dbfae243dd9885cc998b09649e06d37b318e732f92c637fe01
5571293335b57878844fbad3aea3f8af9e9909f90f00249b6f0b676e86a01333
5a03058e53c7d4a03d7348a052995ff28c6577433179cbfd930d4d6bb6efa406
5f769ae744006105bd03d79005f3bd722a6a5ce45aa44f631d0495fe1444df87
61b74e87662c8856f5d3bf3f8ae9f6f3405d76a6ba5df3815f548dd0f0f3f36d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7690fe188596a70bfd1cf255a78a79947dcba2e9cc46481cef75db835ee38fa3
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
7bfd6b7faea18715c35ccc9e6dee5c18778bc3f231e86e4ec82a020024e5a24a
7d160e1776e304d37c9c2b636563d7dfce97d3a4db4ed05025c7c9df951ae058
85c10f32ac3cf1d4e831179577e732883d99e9215405c0f3506847ebc5687351
876dc1a0b2578479bb9c086e503dd0ea5bb9d5fabef5302419ceadde930d2727
8a0dddcb62bcc681f8cda02134c3216e93ec701bfcb19adbf311935600eacb8f
9d17e6d55bf3d47e1932a1bafbe4f9a6737e79e982c38dfc2981cad4918d59e2
9de07b9af64229d0697f40ad1a422f3ef7ac84cbb1e89ed8116a2a6d5f3e3d94
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2a5fc560c5b46a79385b2c425fccfdb13808281bc2fa3ab7f4960ea597561ce
a9aa1e94039ec3e2d657e3dc598c5ba7f67fb68a48e330fd9832b3cb50f949f0
abb2128f302aeffebae42fece5d2e262b01fa933b6ead7183d7e91a3a1738381
b342157b6e91ecd217341928d5fe8b2b723aabfd9a9cadbbb8c1094b250ef12d
b5aa51ea20ae2ea52cd995c3dd0002e1bf9d8d014a72f8d7b519a1adf673522a
bf07022d3a8e88e4874e7c8c778730703fe8bf8335c7a303768ca7096736efc1
c00280650f672626c573272512b1ccb326c2a8bc16ee87b1c41ca88f7f80da94
cae04a82151b0dbf40cb7c3853cb4e75761e22973b9d0d0bfe3dd8da5fee5b69
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfac83eb8b84117970a7ab50846917c73d922bef5862c3cb46bc2cf2b27eceee
d8138b7a7a9081c3cfe1a7c96f85f4d92b6e66f55700356dec892b8e28509b44
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dfbebbd4484eef9642d393394bfd128f2c34157bf32c76780f707821021e03b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3e3c9a4c1c88c2490b22a3c2811657ca2ba50e38426ae5bbc985e8bf19f33c
ef4479b867b50cb063a81ff5d78c68ca95b732ef59591375cdecc79d1a57a958
f33acb319f8f8a4cf1d577a5723a232ceb2739d041eb363eb61b357b907ba69a
fa052601ef12ee9562dfc62b446d1a8a3ebad33ed9e9108bf0675f3a09ef7b65

turkeypetrolerri.online Open in urlscan Pro 172.67.148.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

46 %IPv6

9 Domains

14 Subdomains

13 IPs

3 Countries

707 kBTransfer

1356 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

turkeypetrolerri.online Open in urlscan Pro
172.67.148.186 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

46 %
IPv6

9
Domains

14
Subdomains

13
IPs

3
Countries

707 kB
Transfer

1356 kB
Size

6
Cookies

52 HTTP transactions
0 data transactions