turkru.lol Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://turkru.lol/
Effective URL:
https://turkru.lol/turk
Submission: On May 21 via api (May 21st 2023, 3:17:14 pm UTC) from US — Scanned from NL

Summary HTTP 181 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 44 IPs in 11 countries across 55 domains to perform 181 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is turkru.lol.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 14th 2022. Valid for: a year.

This is the only time turkru.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 56	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a11:27c0::93 2a11:27c0::93	210756 (EDGECENTE...) (EDGECENTERLLC)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
10 17	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (GLOBAL_DC) (GLOBAL_DC)
12	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	195.209.111.22 195.209.111.22	52007 (ADRIVER-AS) (ADRIVER-AS)
6 14	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
2 3	148.251.156.238 148.251.156.238	24940 (HETZNER-AS) (HETZNER-AS)
1	194.55.244.184 194.55.244.184	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
1	37.18.16.6 37.18.16.6	205675 (HYBRID-AS) (HYBRID-AS)
2 3	193.3.184.214 193.3.184.214	50214 (QWARTA) (QWARTA)
9 9	18.158.0.92 18.158.0.92	16509 (AMAZON-02) (AMAZON-02)
3 4	167.235.177.244 167.235.177.244	24940 (HETZNER-AS) (HETZNER-AS)
2 3	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 22	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 16	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	151.236.118.210 151.236.118.210	204720 (CDNETWORKS) (CDNETWORKS)
3 3	194.190.76.44 194.190.76.44	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	194.55.244.181 194.55.244.181	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
4	2a02:6b8::158 2a02:6b8::158	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
1 2	34.243.85.78 34.243.85.78	16509 (AMAZON-02) (AMAZON-02)
3 5	34.240.89.45 34.240.89.45	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1	85.111.6.50 85.111.6.50	9121 (TTNET) (TTNET)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (ADFACT) (ADFACT)
2	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
1 2	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
4 4	89.108.108.11 89.108.108.11	197695 (AS-REG) (AS-REG)
1 1	167.235.14.51 167.235.14.51	24940 (HETZNER-AS) (HETZNER-AS)
1 1	188.72.107.228 188.72.107.228	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
5 5	217.66.147.42 217.66.147.42	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1 1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
2 2	23.88.12.13 23.88.12.13	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.148.30 91.192.148.30	42481 (BEGUN-AS) (BEGUN-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:48bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3 4	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
3 4	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
2 2	88.198.16.238 88.198.16.238	24940 (HETZNER-AS) (HETZNER-AS)
3 3	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 1	45.9.26.83 45.9.26.83	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	188.72.107.194 188.72.107.194	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
1 3	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	99.80.114.174 99.80.114.174	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
181	44

56 2a06:98c1:3121::3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

turkru.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a11:27c0::93 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

cdn.adfinity.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8:a::a (Moscow, Russian Federation) 10 redirects

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.22 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 96.46.183.20 (United States) 6 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.156.238 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.156.251.148.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.55.244.184 (Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.6 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

hbe199.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.3.184.214 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.158.0.92 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-0-92.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.235.177.244 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz2024479.sapientru.net

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.190.76.44 (Russian Federation) 3 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.55.244.181 (Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::158 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

storage.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.85.78 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-85-78.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.240.89.45 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-89-45.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.111.6.50 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr

rtb.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (ADFACT, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.132 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.108.11 (Russian Federation) 4 redirects

ASN197695 (AS-REG, RU)
PTR: srv5.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.14.51 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.51.14.235.167.clients.your-server.de

sp.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.228 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr04.segmento.ru

solta-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.66.147.42 (St Petersburg, Russian Federation) 5 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-42-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.12.13 (Gunzenhausen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.13.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.148.30 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48bf (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.217.109.66 (Helsinki, Finland) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.caltat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.magnitent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.172 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.105.236 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.16.238 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-24.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.119.28 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.26.83 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr03.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.194 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr08.segmento.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.201.255.110 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.114.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-114-174.eu-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	yandex.ru 12 redirects yandex.ru — Cisco Umbrella Rank: 1669 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 31864 an.yandex.ru — Cisco Umbrella Rank: 3501 mc.yandex.ru — Cisco Umbrella Rank: 3734 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 29284	389 KB
56	turkru.lol 3 redirects turkru.lol	564 KB
15	betweendigital.com 6 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1572 cache.betweendigital.com — Cisco Umbrella Rank: 23942	10 KB
12	yastatic.net yastatic.net — Cisco Umbrella Rank: 6671	257 KB
9	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	8 KB
9	bidswitch.net 9 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	3 KB
7	mts.ru 7 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 39040 tech.rtb.mts.ru — Cisco Umbrella Rank: 47962	4 KB
6	google.nl www.google.nl — Cisco Umbrella Rank: 9529	995 B
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
5	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2082 euw-ice.360yield.com — Cisco Umbrella Rank: 13342	1 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 953 eus.rubiconproject.com — Cisco Umbrella Rank: 566 token.rubiconproject.com — Cisco Umbrella Rank: 573	11 KB
4	bumlam.com 3 redirects sync.bumlam.com — Cisco Umbrella Rank: 3772	2 KB
4	kimberlite.io 4 redirects kimberlite.io — Cisco Umbrella Rank: 36198	2 KB
4	yandex.net storage.mds.yandex.net — Cisco Umbrella Rank: 22392	156 KB
4	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 25556	1 KB
4	gstatic.com fonts.gstatic.com	57 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 174	17 KB
3	aidata.io 3 redirects x01.aidata.io — Cisco Umbrella Rank: 17662	2 KB
3	rutarget.ru 3 redirects solta-sync.rutarget.ru — Cisco Umbrella Rank: 67532 yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 75332 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 75333	1 KB
3	adhigh.net 3 redirects px.adhigh.net — Cisco Umbrella Rank: 19115	1 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 10747	2 KB
3	sape.ru 2 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 30543	2 KB
3	hybrid.ai hbe199.hybrid.ai — Cisco Umbrella Rank: 78892 dm.hybrid.ai — Cisco Umbrella Rank: 34240	782 B
3	otm-r.com yhb.p.otm-r.com — Cisco Umbrella Rank: 45557 sync.dmp.otm-r.com — Cisco Umbrella Rank: 21479	386 B
3	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 23185	1 KB
3	adriver.ru pb.adriver.ru — Cisco Umbrella Rank: 40480 ssp.adriver.ru — Cisco Umbrella Rank: 29243	700 B
3	adfinity.pro cdn.adfinity.pro — Cisco Umbrella Rank: 146983	21 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4604	749 B
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 39257	1 KB
2	gonet-ads.com 2 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 29557	578 B
2	semantiqo.com 2 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 73742	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12659	593 B
2	bidderstack.com 2 redirects nr.bidderstack.com — Cisco Umbrella Rank: 38886	792 B
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 24654	697 B
2	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 74694 www.tns-counter.ru — Cisco Umbrella Rank: 13059	801 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 200	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 272	588 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 729
1	pubmine.com s.pubmine.com — Cisco Umbrella Rank: 11853	286 B
1	magnitent.com sync.magnitent.com — Cisco Umbrella Rank: 342036	676 B
1	caltat.com 1 redirects cdn3.caltat.com — Cisco Umbrella Rank: 291583	336 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 5004	205 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 73325	830 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 48234	228 B
1	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 42844	262 B
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 80732	214 B
1	ohmy.bid 1 redirects sp.ohmy.bid — Cisco Umbrella Rank: 73544	318 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1131	228 B
1	programattik.com rtb.programattik.com — Cisco Umbrella Rank: 35976	152 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2388	466 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 12233	241 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 70870	317 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
0	bidvol.com Failed ssp.bidvol.com Failed
181	55

	Domain	Requested by
56	turkru.lol	3 redirects turkru.lol
22	an.yandex.ru	1 redirects yandex.ru
17	yandex.ru	10 redirects turkru.lol yandex.ru yastatic.net
16	mc.yandex.ru	1 redirects yandex.ru turkru.lol mc.yandex.ru yastatic.net
14	ads.betweendigital.com	6 redirects yandex.ru
12	yastatic.net	yandex.ru yastatic.net turkru.lol
9	x.bidswitch.net	9 redirects
6	www.google.nl
6	www.google.com	2 redirects
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
5	sm.rtb.mts.ru	5 redirects
4	sync.bumlam.com	3 redirects
4	kimberlite.io	4 redirects
4	storage.mds.yandex.net	yastatic.net
4	acint.net	3 redirects
4	fonts.gstatic.com	fonts.googleapis.com
3	www.googleadservices.com	2 redirects yastatic.net
3	x01.aidata.io	3 redirects
3	cm.g.doubleclick.net
3	match.360yield.com	1 redirects
3	px.adhigh.net	3 redirects
3	counter.yadro.ru	2 redirects
3	ssp-rtb.sape.ru	2 redirects yandex.ru
3	exchange.buzzoola.com	2 redirects
3	cdn.adfinity.pro	turkru.lol
2	eus.rubiconproject.com	cache.betweendigital.com eus.rubiconproject.com
2	pool.admedo.com	2 redirects
2	sync.upravel.com	2 redirects
2	sync.gonet-ads.com	2 redirects
2	ssp.adriver.ru
2	sonar.semantiqo.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	nr.bidderstack.com	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	euw-ice.360yield.com	2 redirects
2	dmg.digitaltarget.ru	1 redirects
2	dm.hybrid.ai
2	dpm.demdex.net	1 redirects
2	sync.dmp.otm-r.com
2	ups.analytics.yahoo.com	2 redirects
1	onetag-sys.com	cache.betweendigital.com
1	s.pubmine.com
1	www.tns-counter.ru
1	token.rubiconproject.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	ysa-static.passport.yandex.ru
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.magnitent.com
1	cdn3.caltat.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	rtb-eu-warsaw.intent.ai
1	profile.ssp.rambler.ru	1 redirects
1	match.new-programmatic.com	1 redirects
1	pixel.konnektu.ru	1 redirects
1	solta-sync.rutarget.ru	1 redirects
1	sp.ohmy.bid	1 redirects
1	cm.tns-counter.ru	1 redirects
1	sync.adkernel.com
1	rtb.programattik.com
1	t.adx.opera.com
1	im.bluevoox.com
1	px.arcspire.io	1 redirects
1	cache.betweendigital.com	ads.betweendigital.com
1	hbe199.hybrid.ai	yandex.ru
1	yhb.p.otm-r.com	yandex.ru
1	pb.adriver.ru	yandex.ru
1	matchid.adfox.yandex.ru	yandex.ru
1	fonts.googleapis.com	turkru.lol
0	mitdmp.whiteboxdigital.ru Failed
0	ssp.bidvol.com Failed	yandex.ru
181	71

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-14` - `2023-09-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.adfinity.pro Sectigo RSA Domain Validation Secure Server CA	`2022-12-09` - `2023-12-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
matchid.adfox.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-12-21` - `2023-06-14`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
*.p.otm-r.com AlphaSSL CA - SHA256 - G4	`2023-02-22` - `2024-03-25`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.agency.sape.ru R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-04-08` - `2023-10-07`	6 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-16` - `2024-03-18`	a year	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.mds.yandex.net GlobalSign RSA OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
*.intent.ai GTS CA 1P5	`2023-04-10` - `2023-07-09`	3 months	crt.sh
*.bumlam.com R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2022-12-16` - `2024-01-17`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://turkru.lol/turk
Frame ID: 9F337187E5E46FA4CEA06BDD17A97712
Requests: 96 HTTP requests in this frame

Frame: https://turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Frame ID: FA86D2B1E52401C81D3E2A98BED96909
Requests: 6 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: D2A792CA8204A9B201F6288D29A31ECB
Requests: 65 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Frame ID: 24F7C1532A819A9992E8954F303590C9
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8fa756dd-cdb1-538d-8ba4-eb77efcede83&CACHEBUSTER=12463
Frame ID: 11F17283C0FF2EA26287E9FB8AB93735
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 6FE11DBD149C55B1A9EC3E308FF786A5
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 4EF29A3EB4D2E771CE0C544945D509E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TurkRu – турецкие сериалы 2022 онлайн на русском языке бесплатно в хорошем качестве

Page URL History Show full URLs

https://turkru.lol/ HTTP 301
https://turkru.lol/turk Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

181
Requests

73 %
HTTPS

25 %
IPv6

55
Domains

71
Subdomains

44
IPs

11
Countries

1489 kB
Transfer

3855 kB
Size

75
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://turkru.lol/ HTTP 301
https://turkru.lol/turk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://turkru.lol/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

Request Chain 66

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 70

https://ads.betweendigital.com/sspmatch?p=42565&r=${CACHEBUSTER1} HTTP 302
https://ads.betweendigital.com/sspmatch?p=42565&r=${CACHEBUSTER1}&crf=1 HTTP 302
https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=8fa756dd-cdb1-538d-8ba4-eb77efcede83&ssp=between&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf

Request Chain 71

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=2B03420AF4356A64C902F58A0258CE69 HTTP 302
https://acint.net/match?dp=14&tc=1&euid=2B03420AF4356A64C902F58A0258CE69

Request Chain 72

https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=1253054506 HTTP 302
https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=1253054506&crf=1

Request Chain 73

https://counter.yadro.ru/hit?t50.5;r;s1600*1200*24;uhttps%3A//turkru.lol/turk;hTurkRu%20%u2013%20%u0442%u0443%u0440%u0435%u0446%u043A%u0438%u0435%20%u0441%u0435%u0440%u0438%u0430%u043B%u044B%202022%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u043D%u0430%20%u0440%u0443%u0441%u0441%u043A%u043E%u043C%20%u044F%u0437%u044B%u043A%u0435%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u0432%20%u0445%u043E%u0440%u043E%u0448%u0435%u043C%20%u043A%u0430%u0447%u0435%u0441%u0442%u0432%u0435;0.992657488034032 HTTP 302
https://counter.yadro.ru/hit?q;t50.5;r;s1600*1200*24;uhttps%3A//turkru.lol/turk;hTurkRu%20%u2013%20%u0442%u0443%u0440%u0435%u0446%u043A%u0438%u0435%20%u0441%u0435%u0440%u0438%u0430%u043B%u044B%202022%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u043D%u0430%20%u0440%u0443%u0441%u0441%u043A%u043E%u043C%20%u044F%u0437%u044B%u043A%u0435%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u0432%20%u0445%u043E%u0440%u043E%u0448%u0435%u043C%20%u043A%u0430%u0447%u0435%u0441%u0442%u0432%u0435;0.992657488034032

Request Chain 88

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=8fa756dd-cdb1-538d-8ba4-eb77efcede83&ssp=between&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf

Request Chain 89

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eQyycnORXzn.AikABlGIPuLELg

Request Chain 90

https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1lckV5MTBaRTJ1RUNRdkZmaFBsSXJXVW1BNHE2RDQuRS5HTW1SY0EtfkE%3D&gdpr=0

Request Chain 95

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/879f36d606fbf3dff77588

Request Chain 96

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F%2524%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=2003420AF4356A64D2024C0102C4070B&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007FF4356A649F07590D0277EF13

Request Chain 97

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/8fa756dd-cdb1-538d-8ba4-eb77efcede83

Request Chain 98

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=C4D955C51FA0F24E HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=C4D955C51FA0F24E

Request Chain 99

https://yandex.ru/an/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=4111E57467FC0C46&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=4111E57467FC0C46&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 101

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=9239AA3A045D1B1

Request Chain 102

https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=4B043772D68A06C0

Request Chain 104

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 105

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 106

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 107

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=88A10D147D9AF9BE

Request Chain 108

https://yandex.ru/an/mapuid/turktelekomrtb/ HTTP 302
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=9DD15464C4FBA511

Request Chain 109

https://yandex.ru/an/mapuid/xapadsssp/ HTTP 302
https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=BB2CEE8D1146D8BA

Request Chain 110

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/c3a835531f512a65e8dc39bb2f47d7d57ba2bedc7336f2963138e96010657f6f

Request Chain 113

https://dmg.digitaltarget.ru/1/119/i/i?i=1684682228 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1684682228817&i=1684682228

Request Chain 114

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/6dd6971a-402d-422c-b633-0049a34bd7d9 HTTP 302
https://match.360yield.com/match?external_user_id=6dd6971a-402d-422c-b633-0049a34bd7d9&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 115

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/14250800-44de-4f5f-7a33-904751a7381b

Request Chain 116

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://sp.ohmy.bid/cm?ssp=solta&redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fohmybid2%3Fu%3D%7Buid%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsoltadspis%252FZGo19GD9tB8%26n%3D1 HTTP 302
https://kimberlite.io/rtb/sync/ohmybid2?u=dd796d5f-5e63-4ef0-8b89-8458424bbbeb&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZGo19GD9tB8&n=1 HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=ubmg1-usq7Qa HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZGo19GD9tB8 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZGo19GD9tB8 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=f717081e-0b3d-4352-9ac1-94ccf6c69bba&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=59&em=1&ssp=konnektu&id= HTTP 301
https://kimberlite.io/rtb/sync/mts?u=f717081e-0b3d-4352-9ac1-94ccf6c69bba HTTP 307
https://an.yandex.ru/mapuid/soltadspis/ZGo19GD9tB8

Request Chain 117

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 119

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/&pupa=1 HTTP 302
https://an.yandex.ru/mapuid/hyperdspis/d7bf92e9-808d-208d-f435-6a64601d0100

Request Chain 120

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 121

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://an.yandex.ru/mapuid/getintentis/eQyycnORXzn.AikABlGIPuLELg

Request Chain 122

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=291923643 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/h8moJq7qG/15YyZ7fMExyu

Request Chain 124

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/IwF8gVE7htcmGP6LfRRZ

Request Chain 125

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=f717081e-0b3d-4352-9ac1-94ccf6c69bba&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Ff717081e-0b3d-4352-9ac1-94ccf6c69bba HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/f717081e-0b3d-4352-9ac1-94ccf6c69bba

Request Chain 126

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=ad0c7ab560f54226a83a5e78bd83f51f HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=DADD923691AE0D3A&sid=ad0c7ab560f54226a83a5e78bd83f51f HTTP 302
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=ad0c7ab560f54226a83a5e78bd83f51f&spid=DADD923691AE0D3A&v= HTTP 302
https://sync.magnitent.com/fbfli/ct_sync.php?ct=d7799b2e0ee149b0ac78f14c96d5e453&sonar=ad0c7ab560f54226a83a5e78bd83f51f&spid=DADD923691AE0D3A&v=

Request Chain 131

https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 HTTP 302
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Request Chain 132

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/cc05bc02-5e7b-41da-8eef-ccac6fe978c0

Request Chain 133

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/Q6Y0V7hM8h1b2mKhg26RgQ?sign=1361673854

Request Chain 134

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/RYubvVEqJBO9?sign=1641384796

Request Chain 135

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/ubmg1-usq7Qa

Request Chain 137

https://mc.yandex.ru/watch/2122350?wmode=7&page-url=https%3A%2F%2Fturkru.lol%2Fturk&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A429005290875%3Ahid%3A257460379%3Az%3A0%3Ai%3A20230521151708%3Aet%3A1684682229%3Ac%3A1%3Arn%3A912849107%3Au%3A1684682229557803694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1684682226319%3Arqnl%3A1%3Ast%3A1684682229%3At%3ATurkRu%20%E2%80%93%20%D1%82%D1%83%D1%80%D0%B5%D1%86%D0%BA%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%202022%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5&t=clc(0-0-0)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/2122350/1?wmode=7&page-url=https%3A%2F%2Fturkru.lol%2Fturk&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A429005290875%3Ahid%3A257460379%3Az%3A0%3Ai%3A20230521151708%3Aet%3A1684682229%3Ac%3A1%3Arn%3A912849107%3Au%3A1684682229557803694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1684682226319%3Arqnl%3A1%3Ast%3A1684682229%3At%3ATurkRu%20%E2%80%93%20%D1%82%D1%83%D1%80%D0%B5%D1%86%D0%BA%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%202022%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5&t=clc%280-0-0%29aw%281%29ti%282%29

Request Chain 141

https://turkru.lol/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

Request Chain 144

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=05a4d2ac-9314-4b72-8864-cb742c682ddf HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=05a4d2ac-9314-4b72-8864-cb742c682ddf HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=36ef74b1-3837-46a2-b150-3f836ae7edf2&user_group=1&ssp=between&bsw_param=05a4d2ac-9314-4b72-8864-cb742c682ddf HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf

Request Chain 153

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARj166ijBqIBEI4Khxj36hHtocQAJZDIJDc* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=8e0a8718-f7ea-11ed-a1c4-002590c82437 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=Q6Y0V7hM8h1b2mKhg26RgQ& HTTP 302
https://an.yandex.ru/mapuid/adsniperis/8e0a8718-f7ea-11ed-a1c4-002590c82437

Request Chain 154

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 158

https://x.bidswitch.net/sync?dsp_id=429&user_id=8fa756dd-cdb1-538d-8ba4-eb77efcede83&expires=60 HTTP 302
https://s.pubmine.com/match?bidder_id=1&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf&ssp_data=&gdpr=&gdpr_consent=

Request Chain 164

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9jVqZOyeL5KmxwL0lo2QDQ&random=132078154&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=132078154&crd=&is_vtc=1&random=2876207738 HTTP 302
https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=132078154&crd=&is_vtc=1&random=2876207738&ipr=y

Request Chain 165

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9jVqZK-iL8yk1gb3k6XADA&random=714622180&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=714622180&crd=&is_vtc=1&random=2287416560 HTTP 302
https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=714622180&crd=&is_vtc=1&random=2287416560&ipr=y

181 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request turk Show response
turkru.lol/
Redirect Chain

https://turkru.lol/
https://turkru.lol/turk

51 KB
12 KB

129ms
128ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://turkru.lol/turk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9dcd56f666978ededc9e96196dbfe8d0763e487f87a8290ae92951bfb29571

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cadc8cb782c9273-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 21 May 2023 15:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=411k14hBvHHlPes7zdfExCbYoHGNxYpttVykWisf1kq9z36KQ5TLnpP7oz1iv4%2BbElDnE4XaranTWcuemz1JrsjSDoHywIW2G1W8He4f90AN7mKDOLeTLjqdFu8cyzGcqUe14rT85z6q"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cadc8caff909273-FRA
content-type: text/html; charset=UTF-8
date: Sun, 21 May 2023 15:17:06 GMT
location: /turk
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNS2bj%2BTQ8DuL%2B2S41A3cUmVWRyPxRwg8JS1VjbmvIMNfTjr6d5E4P7a%2BrtqY%2BqHF7F%2FeuUHnKzjTcHdEJI68XY78K4w8lfpsVS7S3uEWE%2FY%2BAvGEUJ2PZEx45licAsh5BIRi2FJRJAB"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 styles.css
turkru.lol/templates/turokserv3/style/ 36 KB
9 KB 226ms
226ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/templates/turokserv3/style/styles.css
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07c7e597a59a84708f75391012951dee90f83452889c54e6ccbe47ccfc7ad3a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 22 Feb 2022 12:41:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6214d9f9-8ee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haDS7LoPGVS9ILDAXNQ3oSdLpoKGa7WSUmPTGENsAxbOsK3UmTtQuTth0Fzx4W8g%2FsBZ%2BGfBdz%2BxJ%2BMGV9XvFbX54wA9SmqLpL%2FAlCeiw%2BQ8SepIrAIDZZdINrrZgPWBITx3Oi4luXWO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7cadc8cc5f909a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 engine.css
turkru.lol/templates/turokserv3/style/ 87 KB
29 KB 196ms
195ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/templates/turokserv3/style/engine.css
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88542fe4099f306da96262d4632ec517d1e6706858856b56e9d91cb87b0335fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 08:56:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6184f1a7-15ce5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysB357IV0KntCpB4w59LTSydX%2BSIUecI4Tur1zhd%2B%2By43f0ElqhpH%2FptEZhBqJFrL06ZIN4o%2BwaeJZ0AbkpZoJ%2BFTeG3Nuems6u4%2FAYvwL%2BGgyyHHyNiv7%2BjZNPIjYvKeY8z7vynbd2%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7cadc8cc5f929a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 filter-xf.css
turkru.lol/templates/turokserv3/style/ 8 KB
4 KB 227ms
226ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/templates/turokserv3/style/filter-xf.css
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6090619497acb4b9d07b2fd4ff972891f45f8f73bf5fe5774d8827fbe53a4744

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 22 Feb 2022 12:19:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6214d4cb-1f81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwNDVHpHHlq2eqRqGW7RYvLgRk3cDC7FRztCQMmd1nJz5c8C0ruXqPf0IIBSDzm90QAPu2wuwvps7K2HEs7AmqptnCPgq7E6dq%2BKu7GZeDaX2EewjjUTwrGBIlJDxtdRh7v4wiIhKo00"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7cadc8cc5f949a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 77ms
28ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Play:400,700&subset=cyrillic

Requested by

Host: turkru.lol
URL: https://turkru.lol/turk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

626aea4800393b27454696749a7ee9d325a66a4c3435b0a37210adca6172260c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 15:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 May 2023 13:49:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 15:17:06 GMT

GET
H2 200 adfinity_1.1.css
cdn.adfinity.pro/foralls/ 8 KB
2 KB 350ms
46ms Stylesheet
text/css 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adfinity.pro/foralls/adfinity_1.1.css
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: ccf2fb8adab4fc0394d08fe2e04cf7e42e682e498cf8465d5e2d2e8bfdffe7c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-id: blt-up-gc15
date: Sun, 21 May 2023 15:17:06 GMT
content-encoding: gzip
last-modified: Tue, 21 Feb 2023 09:19:43 GMT
server: nginx
etag: W/"63f48caf-2058"
x-cached-since: 2023-05-21T13:57:56+00:00
content-type: text/css
access-control-allow-origin: *
cache: HIT

GET
H3 200 e846ff9a4966f30a25c60612fc23be.webp
turkru.lol/uploads/mini/fullst/0a/ 6 KB
7 KB 173ms
168ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/fullst/0a/e846ff9a4966f30a25c60612fc23be.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a09bdc422a00d6bae1023ed2cedfa3ede7e4b02956757b35a7318e7da8c6a1c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 Mar 2023 18:46:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "641b4d21-1934"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDSBRrYwD9G5irgVPTza0%2Bnilx%2BXoFn7o2VgcQd3fLMw1evfKjJ5s3yKVmPkui98fvI68MV8eOKkjNpyqYhV4qkobd12UnRKPw93WTvRjb0wSeBRmLi%2B3phUK3nlcH3HYDnYqisD7TtA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fb49a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6452
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 45e7e90c040347cef7697f1fd24095.webp
turkru.lol/uploads/mini/fullst/bf/ 10 KB
11 KB 325ms
319ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/fullst/bf/45e7e90c040347cef7697f1fd24095.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561b6b210e72096bbbed249750b35f1eda17497872c151906d77b659f4f8648d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 03 Oct 2022 16:37:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "633b0fb0-29ce"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Is6deDfwPoO2WNHmdMT1xY56cUkFaDSKH5UYSP5pZWI1UJ6Cj3kZIaFrWLccdtLIVDKIvJA3kmbIWvwG4TfOL%2F4qSnDhqVDwWKfFkKnlx%2FGtNMqUs23NIilFmdll3xkTbGFRIvRyBhJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fb99a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10702
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 10a6706c3543f71de1dcd3165fc6f1.webp
turkru.lol/uploads/mini/fullst/f0/ 12 KB
13 KB 1171ms
1165ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/fullst/f0/10a6706c3543f71de1dcd3165fc6f1.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5253255b999ae4cf9c71faf127eb482bbe5d827cd0cb7128093e4b9da6f3cbb6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 05 Mar 2022 18:42:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6223aefe-319e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSD71AEGEXgMauXWVMhlPrKESdhoaoUzTLct%2BWjSe5nmqDFnmvueR4VpmEA%2FxheQAofVcXwQieMsf8zeZN3JjXNLrxHxnPvvCEmsJR3mrhfRm%2FGlQqOJw4luAkttNnGH6YftJ7%2BvGz1u"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fbc9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12702
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 9ac73fdc8623fcbd707a91aec153e8.webp
turkru.lol/uploads/mini/fullst/f3/ 7 KB
7 KB 224ms
218ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/fullst/f3/9ac73fdc8623fcbd707a91aec153e8.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5943761262fe0fcc7d6eb9658c863cb9b47f80905a84024fe7dbaa4905262b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 19 Dec 2022 03:38:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "639fdcb4-1a82"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvdBvrGKNPJU%2FZWA8KGaCBMt2PYiA60V1qrX3uvdOvNKNyQe5s3RWtnpteaS49w2I7VmkWmwkCnddBmzPiEdY3ww7xBB%2BG9v4f4xZ4ErTguudCygqiSPtEhuVHFhaqerPdci6eGUlNM3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fbe9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6786
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 62b0ca819fa44c9eeed7947027a56a.webp
turkru.lol/uploads/mini/fullst/0a/ 12 KB
12 KB 242ms
237ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/fullst/0a/62b0ca819fa44c9eeed7947027a56a.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc88955bf50ac138e85dd8e9ed4d9439819defe9259084b1cd5445222ebec2f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 05 Mar 2022 16:36:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6223917c-2e38"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrACfVmonyg3BtjNdw5B97XLds8RfbpwU%2FFPKdMY47rmRbznyjrpJF5GiFnSOLROztzJmAbO4x7PHwmDkwz0ESzOyxdUDQ4iZO%2BqaqjYtwuUjoqWavKlX6rnIPcuv6NDOtHrrJ%2BkOdQm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fc19a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11832
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2aba7a43624fb9c79005259cd3e494.webp
turkru.lol/uploads/mini/fullst/04/ 7 KB
8 KB 1196ms
1191ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/fullst/04/2aba7a43624fb9c79005259cd3e494.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbd2c67b9ecc1725046ecb3b439b729031c3f550ea511f79c45b76118f41a97

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 05 Mar 2022 16:41:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "622392a1-1dea"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEMhOnot3F4Qppj24sAbcswXupE%2FcOTq1lrc15go1nMF7Bn6eaWPtKIMQtz3GPYGapLCd2Y5lXky%2BngYtAC9A8GbcWE9TC8AF3KipL641A74kVZ7wMF8nPzYyqqGMog6UQqXAUmC942g"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fc49a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7658
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 deeffa20257ee0c4078e188ccb21d2.webp
turkru.lol/uploads/mini/fullst/25/ 6 KB
7 KB 223ms
218ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/fullst/25/deeffa20257ee0c4078e188ccb21d2.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7ffff086820345ebed117cef84262345b79216f6b54f3a810234071aa4318c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 Mar 2023 19:16:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "641b53f7-19d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pj5Vnbn3G396cqcrLIb95Xnmmza8hWvOuT7yj8NOgj5buJbPEW8GajE6CDR6tfJaKl7joM%2FzabCqCqJ8kvcD3oNgHm8ttP7kWUQLvChgljZRqLcIQwIRXUhz8clKceZTWBc5d9iZY3At"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fc79a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6608
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 c401deb9547eafe95aa7f57d6e01a1.webp
turkru.lol/uploads/mini/fullst/81/ 8 KB
8 KB 528ms
523ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/fullst/81/c401deb9547eafe95aa7f57d6e01a1.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cf527c29fb63a4e240af55a4403baf4deb2ea73fb12075c8d720e4c53b26a13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 15 Sep 2022 19:41:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63237fdb-1ed0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U796tjqGSIPbKI6vBWliL8r60dMaPDs%2BmEwVM5R1fdoTMyVhtrbt7hb3b08D5F7Q1id5wnKRC7oceMwq7ZDSYwECB7g2v5RcZQFq4g8DSOpGp%2B8DDubVt%2BFauhAt%2BjjsJ8iVN1X3Hlyh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fcb9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7888
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 d58017696c5d5e79dced82fa3a616b.webp
turkru.lol/uploads/mini/fullst/78/ 10 KB
10 KB 242ms
237ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/fullst/78/d58017696c5d5e79dced82fa3a616b.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0daf4dbd4ac6adab8c00c6cc384b69c6a7de3ffd9b8de02a52af14f33c261142

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 05 Mar 2022 16:36:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6223917c-26f6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf8n4u9ZxZEhjDv08WsppEDYozmGX8aWfgWkalHPYXapzFkXcZjdWWDEDlgEj8DGd%2B5jxpnnfB0wb01Sro8RbkZezaUvZzL4CxraYF%2BKHYdoQUd0%2BZ%2BZileUzrmSD6h04%2BbG1jbe0s6l"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fcf9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9974
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 9ac8e67ec0d25c9f6395776a1eab38.webp
turkru.lol/uploads/mini/fullst/a2/ 6 KB
7 KB 223ms
218ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/fullst/a2/9ac8e67ec0d25c9f6395776a1eab38.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7ffff086820345ebed117cef84262345b79216f6b54f3a810234071aa4318c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 20 Apr 2023 16:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644168c1-19d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B263JaGDBJq80VtH6jKEeNfz0sBbk%2BjI6RC87J8PJSntQxSlV6yfo9dmYcYC7pd7IESwf2ho3iCWz%2B6wqcVNWCJ%2FO3tdvvNgoFepZiyyaigxlwNzcULvQ1LxIgi1IPQy6%2BikfDBgIRmX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fd09a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6608
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 571d9fc9c8afaa4ed29362aebd090a.webp
turkru.lol/uploads/mini/slser/f6/ 4 KB
5 KB 247ms
242ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/slser/f6/571d9fc9c8afaa4ed29362aebd090a.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c4dd620dced1876c9138160c7f0241fa634bf5154d5fbc37b421e906e9f20a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Aug 2022 22:17:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63040078-1120"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJxxZIC8UpyxpFEHqYKb84oOEi74oX9B7ee11LkWAe0vzTipmSkpVETclmbU0AiRCy2c2ovv9%2FbC7Joeb9TIe%2F%2FfKIm0hjoiUPjn2i7%2F%2B1L%2B4p6s6FfUlv%2FXtHcErcRDZhbxKos%2FIwW0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fd39a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4384
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2eaea804f9a2e372e7117b6e359770.webp
turkru.lol/uploads/mini/slser/6f/ 6 KB
6 KB 247ms
242ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/slser/6f/2eaea804f9a2e372e7117b6e359770.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db5c03d1c5e6b05e7d8fa8146362b829f601380732336f6ea8781986227744a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Aug 2022 22:17:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6304007b-1736"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXJValgS%2FsFlDKvz%2FdMsntiMMJ0YjnmMMLauSWG1flf6R4lhyiwLQ6cRyRdh2%2Fs7Ob%2B7E9fQTrbzm2IUjNoA2U3Yhf%2Bm6arpJvN5%2BDSqB%2BrMsc9%2BIeUufDcjs3E2eIjOyqoZDcb3Z8I7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fd59a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5942
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 7d8ab1082916da23b250d60dcc984a.webp
turkru.lol/uploads/mini/slser/13/ 6 KB
6 KB 247ms
242ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/slser/13/7d8ab1082916da23b250d60dcc984a.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1bbb3a3ffd028bc77da6950c8de525f851d4b4adc55cb1dbd7173fdfa3523e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Aug 2022 22:17:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6304007b-169e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwZAp0%2BvQZZQItdjWXLreaz6KH4lVof12aOt7aewP25N5grPPkJKCU7XhfCKMc5ae2xucHOnUOVx8lO5dFLka1zHWUvkPxfTxGeMyItX9OJD97CJJSVTLPiSPy2yzNer9yzFgUC4h1wu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fd89a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5790
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 de33afbcf7024c1f56290c844313cd.webp
turkru.lol/uploads/mini/slser/57/ 5 KB
5 KB 248ms
243ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/slser/57/de33afbcf7024c1f56290c844313cd.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4c26569d90f1cc7266204cbb6253077ddc2ea37d4a9cf5de6d2448787764dbd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Aug 2022 22:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6304007a-13e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1KeL5eSTxN4XJmGKUL8KWJyazruUFy%2BvTbsCY%2BUdUO3fETeYNxrN%2FZerNb%2F1a%2BQDLDQECIhh6vDSGHLBlmGJw6YT3k0tZ6LsJvRcPHcdmEce8sCjYOLIcrDkp6UNaAUhawBVjB77tWA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fda9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5096
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 0de82a1c7ce1296b163688b7e97708.webp
turkru.lol/uploads/mini/slser/01/ 4 KB
5 KB 248ms
243ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/slser/01/0de82a1c7ce1296b163688b7e97708.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b5b800f383d24890221226c82d966eb345e02e1e0ab7bda43b2fbe0bcae4022

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 05 Mar 2022 16:40:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62239273-11ac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FS4MUxsgZQT4Y0BMlzqJbT%2FyoqNopqNiU3JQF213ZlL%2FXVuSexIOf5J%2FWi%2F6BlADEnRTPdHeWAQ%2F5wWUTiouZFlZ7Z2X%2FPLPkHZufh7dDq9KEw9nTWuejPt%2FGtWZ0udgiBKzyr%2BNBxr9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fdc9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4524
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 47b85a988ae4e31096cf9112c92702.webp
turkru.lol/uploads/mini/slser/6a/ 5 KB
5 KB 266ms
261ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/slser/6a/47b85a988ae4e31096cf9112c92702.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c06e154adc3a9da6898754db2b2bf7d46478653efdf5dabf6772e470ccc8235

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 05 Mar 2022 16:42:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "622392ff-1398"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BL%2B5WVtb7diANUXe6J7Bq7X%2B1BMV9%2B3yUN3I%2FDFUBeefZoriaRr20tXc3yP1w8TgyoGLAmddLSt9PgJtbFbgprg5CU7WmeE3JfVnWeqGbmc%2BBrS%2FOAEH0LVdLogvUjs7xJOkEx4xnm9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fde9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5016
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 dd2350716700229d3a3955095a9c0d.webp
turkru.lol/uploads/mini/slser/07/ 5 KB
5 KB 271ms
266ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/slser/07/dd2350716700229d3a3955095a9c0d.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3222913fc217014f697180438f8c6477eb4488565a2e02d50f96ef9725b9d39

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 05 Mar 2022 16:40:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62239266-1210"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNAYdgCvdekE1OLRyRfKsLI8OzEwG6Ph6IXob4rMl0lRwj%2F1VRaZUfIpMfm3yuZgseCCeJSNOI0EA%2B3%2BqHCkLTr5MdQXnEZ%2BIFMdd%2Bxw1C9o6HSR8TMBPswHDYF3G5DLuhfowQOoyxAH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fe09a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4624
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 876e855e776a5ed8834d08be8f1f19.webp
turkru.lol/uploads/mini/slser/2d/ 6 KB
6 KB 272ms
267ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/slser/2d/876e855e776a5ed8834d08be8f1f19.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54ae706446b6406de74ffb63ce777185b929132f3fbc575a4f5f9ed219aa535

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Sep 2022 10:23:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63187134-176c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXkhuhOyk1tuu2MgvmX%2BkTqVUYEDg1dGxLDuO2m0BeBPSt6KziybyYa2cHx0Ym4omjEsnW9B36rmjjsibCvpbo9yueQa3XP8MyNqx7VYYTAEVUFHZt7CjT%2BNd6i0OykIKE3XnSa5F%2FYg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fe19a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5996
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ebc1d6e943fc5d84c80e0f7a0ebaf5.webp
turkru.lol/uploads/mini/karusel/92/ 10 KB
10 KB 272ms
267ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/92/ebc1d6e943fc5d84c80e0f7a0ebaf5.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab0df4162e8b12055aeb167e2264a2e1e3279fe03a1a161d00fc849b04f9d71c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Jul 2022 08:48:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62d7c14d-272a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKnC2TxlkpOJKVuV9io4aKh%2BsoEfCFdr8d3kGmA8jRZsxc8dkTbH0xH4WQKjqgNfZxxxmnCJxpZHcNPAVhLgccrl%2FLnhANhyICihfB9YQkLqSiYOOxthWudPSWHtWrUCnNTFaACLY12L"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fe29a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10026
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 9ac73fdc8623fcbd707a91aec153e8.webp
turkru.lol/uploads/mini/karusel/f3/ 6 KB
7 KB 1175ms
1169ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/f3/9ac73fdc8623fcbd707a91aec153e8.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4df5c8356f53ade5575c0b65edf56c3d853e4623ff56190a16117c5f9d027cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 28 Jan 2023 11:00:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63d50053-19f8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90Tr2H69zWM44IAKwd6FB4BNRCJW%2BxFy7bDnM3%2Bi6C7HBEYe0TXy2OQOJNBVZFhOPtREpBTe6aquFBA7112DdDTpk6P5CTDFEUxAGfs8bDdKakXgJv%2BCuxzhid6zqZdnz%2BUmKVpVdGg%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fe39a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6648
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 78c87d1f2f0d87d975ea5b56b727bf.webp
turkru.lol/uploads/mini/karusel/e1/ 6 KB
7 KB 1193ms
1188ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/e1/78c87d1f2f0d87d975ea5b56b727bf.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d02e589353ea7a67193a0511cd52c4bcbdc026fcecfc19473dee14ae07e178

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 01 Feb 2023 05:00:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63d9f1e6-186e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHkkANqnkipAo5k63akfdizhsRl0QnwCTYK%2BnpJbnay2MgaHXkcmsYBteIJQyOIvSRnRzeShk8gcfBHonA2dgD3GAXcykc1KKhg3UhIv17nVcZtJlnaOYjjzRnSaL2xeNEOdZyMZUON8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fe49a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6254
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 695c2f257d06e0ea5f9e46983f8e68.webp
turkru.lol/uploads/mini/karusel/87/ 8 KB
8 KB 1175ms
1170ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/87/695c2f257d06e0ea5f9e46983f8e68.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d596a526676516ea65d34705e0f55e5c6f1bad98c6bd6ef30dfd52468d8e8f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 09 Nov 2022 03:00:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "636b17b6-1e7e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZF8t6%2B7YliW5dAjpHgC8iuslltimK%2BiAoxfmxmoQINV1cVt0JFANDiorFF9yBVVClMknrvGN%2B7le3vF0lXjqcqiYJnuNWTcDaz94OL5ljSStBQXriKqbrVZoslja8OiSoYwhQ5yERoOH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fe59a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7806
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fee25e0c43e8e7d70edfc1d16f6c17.webp
turkru.lol/uploads/mini/karusel/df/ 8 KB
9 KB 272ms
267ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/df/fee25e0c43e8e7d70edfc1d16f6c17.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c87700d1ec5a86eb113fbfad5cb2eebdcc22929503201c595cd804bc8e32470b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Jul 2022 08:39:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62d7bf5a-21a2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ebr%2FTzw84N4%2FHK%2BLzuT%2F3m7Eq0B%2BghDSiChhbItaUo1IwK0lFJE62XgT8iWlZyKA141brX23UOEmc6Tlfec9ZGbgzw1iWfsYxmY3vDbe5pNgr8mlizq0JxmJncLe1vZz035n3O0yj4SH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fe69a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8610
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 37b1f4a34b78202e31a1fdf947b542.webp
turkru.lol/uploads/mini/karusel/bc/ 8 KB
9 KB 275ms
270ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/bc/37b1f4a34b78202e31a1fdf947b542.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d7b0970869968b7e676c9cd1bff0a3e3300f77a0513e8ef5f61c2ade78d3e8d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Jan 2023 13:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63beb2e7-212a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zuwye49du9H1a9%2B0WdmONvJCfXd7Xi%2BL39ydcJ07jMdPyGl4CEHxSqnO698ivuiTQpL8eB2G5cDPz%2BeAIxpv%2FxvOrp41lM%2F9Jh8KuWrpabtG3Pv5%2BUxtlqPSmSlQdJgZXJRmK0aTkE%2Fa"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fe79a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8490
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6454663e579cee0efd26516663583a.webp
turkru.lol/uploads/mini/karusel/22/ 10 KB
11 KB 1173ms
1168ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/22/6454663e579cee0efd26516663583a.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d2c2269798566fb6257f377fba8034430bbb8c2a9a3264cb14732d75b42c70d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Jul 2022 08:39:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62d7bf5a-2904"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAUkDpel5e4a910dR5bUYv%2FhIoowma%2F%2FPFVAOe2ERou3lALi07NdZKuzUI8cB0wYIPafAVe1CM8qU584MhodHaZx1B2wdkAx8A0pl7JDd%2BxTxnMfkiZnJz1IIVLr2R3H0yk7eK5E%2Fpor"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fe89a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10500
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 4a64cca64f4ce10e6f52c3e42eee0e.webp
turkru.lol/uploads/mini/karusel/5e/ 8 KB
9 KB 340ms
335ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/5e/4a64cca64f4ce10e6f52c3e42eee0e.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e39a462165c673034b74d57bbb238e9e2a0e389154cd31412f94924914cce494

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 10 Mar 2023 11:00:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "640b0dbc-2108"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJYu%2FrrHgibIrHmoO1%2FB%2BYUunIoVtSHHi6nJn3mmeaTE8PaqRXulQ8jwYMJmW50sKz6stas1Rp0slds3GqOwCwTJ%2FlYnYMJCrbHZCUOJ%2FKLb3XYrX23ydIbv%2BPlcaOhXk9i%2BHqFmpIEA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fec9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8456
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 324b271ffdb539b259874f2ce83407.webp
turkru.lol/uploads/mini/karusel/b0/ 9 KB
9 KB 288ms
283ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/b0/324b271ffdb539b259874f2ce83407.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e3440b942bff8ec5acd0ecc6692a59855e3e51a2a34be2b6df59e6a8aec4e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 26 Feb 2023 15:00:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63fb7400-233e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikfleiSskW8LD0z8ooS3HJZgunYf%2F2y8OMKfMxutWzMiDQMmLQY4ufMJzLHPzvEMRJiMGDTUnHiotDQqm3jQAoCQsyKZpO7RoPF0ria7%2B8%2FZDPgRlP775WXrpL3wfiKN8n4UO7KWVdkU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5fee9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9022
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 4f5df0eb7b06415a49c7b6d832d3c9.webp
turkru.lol/uploads/mini/karusel/aa/ 11 KB
11 KB 1188ms
1183ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/aa/4f5df0eb7b06415a49c7b6d832d3c9.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4ae9569890e771836bb654d49f5ff9c7d2d97fe8399b8d231106904518cf7b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 18 Mar 2023 11:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "641599c7-2a58"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDWRF7iOq9tiv2VbF5jnDpqCWEeVZnT5PafXPKGYPJ5YjzZGkBWVmzawPXdKpPunAaKp%2B%2BhIY9Jd57%2BmdTZx0lVogBQptJg83cEoe%2FZ6%2BGpnb%2FIMnpJ1WYlUvcgl2Aj2CZ3dSOyLgDNu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5ff09a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10840
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 48e10d42b7c24c2611e6d189df0dbd.webp
turkru.lol/uploads/mini/karusel/29/ 9 KB
10 KB 1171ms
1166ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/29/48e10d42b7c24c2611e6d189df0dbd.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adc888ae38f8470a39c737ec1680b014c238e605622d09d2e0e24ce0dfe794f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 27 Mar 2023 09:00:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64215b18-2592"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAiGBoRqOZmR6f%2BQPHI0kseNrjF2jbrzaKyJcfQ68lWrKeisztyXcP69OKhVR97%2ByPOM%2FzDAxpSC7e2R4fvwnOa4B%2BlQbFnrt0mEF%2FboebnFDMk9YJY5c9rt6fXMuKNhv6WD%2B35XDvmw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5ff29a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9618
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ae872f01be9f9cc6241f2aac77646d.webp
turkru.lol/uploads/mini/karusel/77/ 8 KB
9 KB 293ms
288ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/77/ae872f01be9f9cc6241f2aac77646d.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ed3462f8b8da9475ad34115bd39a3a1ec59b034810393a057ccf418b891d49d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Jul 2022 08:44:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62d7c068-2030"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izYhyQ4RBHbE7cx1LMVvPDp6pjFX3Q7XZ4zu4Q1ZrXUnsTIovJP9y1B7wqHvC%2Ft%2FlbLVxX9UhBGG5Q1Yhch4xs315NZzdDcejW0L55Se7TbpVyA8u%2BupyhWUOIJ%2BOgZVFDwV3ZMqzGzh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5ff39a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8240
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ad6de8fdd54a5eec28923792974b89.webp
turkru.lol/uploads/mini/karusel/ff/ 10 KB
10 KB 293ms
289ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/ff/ad6de8fdd54a5eec28923792974b89.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f14f66e2bcdc5ba06f6c0512afd40d3f79fcaf743f51f7839e00beca2b84ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 26 Mar 2023 01:00:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "641f9913-279e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKSWXQfz8jXoAtmEYcbTNA7v%2B2hrOaZzkJydR%2Bj6J%2F0x%2BYGzQ1jD7kgQ%2FAlcfyM4Aus5cIKMFydcELSfkVHG2Dr%2B4ixhEv%2F5aQFI1s%2B9gyQcXEQuaBHQhUeRsz78LeMfDPm3fDQpyqmB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5ff49a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10142
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 c401deb9547eafe95aa7f57d6e01a1.webp
turkru.lol/uploads/mini/karusel/81/ 8 KB
8 KB 294ms
290ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/uploads/mini/karusel/81/c401deb9547eafe95aa7f57d6e01a1.webp
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 260192e89e077da22874c5bf5fbbea3f56ea1e60326344de7daac51e30371984

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 19 May 2023 17:00:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6467ab2e-1e96"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16uKnuvoScOfwbahhX7d9uNEbhm2hkqHrJO7CfK62YJ1dhTc5doAcUSvnmGj%2BHV0JnvpCAXWgT3aca4KEM6GkDozouYKS%2BA1weD6AR7C%2FGWave33TIp9vt7e6%2BAWMQmTPIswODfke095"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8cc5ff59a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7830
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 index.php
turkru.lol/engine/classes/min/ 2 KB
1 KB 1195ms
1190ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/engine/classes/min/index.php?f=engine/editor/css/default.css&v=27
Requested by: Host: turkru.lol
URL: https://turkru.lol/turk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55a11baf33fb17425e40acd9266d2277424db4e0ae3bf3c703418de8b13101d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 08:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"pub1636102566;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snoy6z5tCwPhzv8wGuVLZ5Ictnae7HNDO7lUcmDX3bO%2F41QatjKi03qyQjX3oOVO86hbUCdogr24AUQY%2F5nTSDAY0ttxQBzLSiU3n1yHjdehITCGEiIDR3ZyH%2FeKPRJl%2FzADeDQ4pNr9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7cadc8cc5fb19a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 20 May 2024 15:17:07 GMT

GET
H3 200 rocket-loader.min.js Show response
turkru.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 35ms
30ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://turkru.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: turkru.lol
URL: https://turkru.lol/turk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 May 2023 12:47:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64661e57-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbE0ex1goay8XFSXJXN7UzaHMWoBmwM%2BhKUn2baFckQmnG3ZkJnhMH69fc4SKQseYyUwp%2BUxTeS6h710xa71ebpUllyHBxlJQ9ERYxDGL8FjgSQO%2BICa5tRYbvoPH75SNZdvVmm2YZ%2BU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7cadc8cc5ff69a39-FRA
expires: Tue, 23 May 2023 15:17:06 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 bg.png
turkru.lol/templates/turokserv3/images/ 2 KB
3 KB 46ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/templates/turokserv3/images/bg.png
Requested by: Host: turkru.lol
URL: https://turkru.lol/templates/turokserv3/style/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e42419b020fdc1dbba05b9e95042f08ea74578a1a7c9b167ac9431aaa90b82e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/templates/turokserv3/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 08:56:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6184f1a7-9d3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2rsE2NDZj7YkSbOq7XtN6ZVeM9G7J3LAEadi8M8%2BoizJ9Mn4lo8uBOd8j0Kt%2BBWafYd20ywrj2mpmzFPHPsG9J%2Bopt8YhO7LBcdvdQkLRl54V23JVImLMgJWraGgGCMPaQGCCKjSCSP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8ce89f79a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2515
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rating.png
turkru.lol/templates/turokserv3/dleimages/ 1 KB
2 KB 118ms
117ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/templates/turokserv3/dleimages/rating.png
Requested by: Host: turkru.lol
URL: https://turkru.lol/templates/turokserv3/style/engine.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 087eeb6e7db9bbb5ca362b363a45204e915d3683a6ced5849cd88f3fede9450f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/templates/turokserv3/style/engine.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 08:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6184f1a6-4ee"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0GR5TFES0vaFWL6hHd9vr%2FeVymHxv7MHTT56SCCC4xKU64NVqTK%2Bmm3uLA0OvMSYrpnyGDy8ad45ySEmomNq3ukYiDAr7PWHPs8mUSpWQ5N9gd3ZJhNVbp%2BnAQEnJ%2Fl23mH51gaz79H"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cadc8ce89f99a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1262
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo.svg
turkru.lol/templates/turokserv3/images/ 3 KB
1 KB 120ms
120ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/templates/turokserv3/images/logo.svg
Requested by: Host: turkru.lol
URL: https://turkru.lol/templates/turokserv3/style/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f5ebd86c172ae3839c014848b80a668a2f5c8251a3ff25192bf9e1614ac418

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/templates/turokserv3/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 08:56:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6184f1a7-a22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sj0WvOMZzmANPSNDaAN2M28fUuuoszEsyX8YO668HwiWlP9EzrA0usjtrJpvzbCcZ%2Bef44p30EZSAz9mdg4fugVVhrPwHfb5Wg0QkWgPspUt2kpEwpH5Y4DllPLLh9llI0v5BwinpxL7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7cadc8ce89fe9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v17/ 17 KB
17 KB 71ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtU2Hw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cdceb438e41ee07d58b7214785e14651205d8cc4b158a9a3ab988515f66c1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:56:21 GMT
x-content-type-options: nosniff
age: 58846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17164
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 22:56:21 GMT

GET
H3 200 fontawesome-webfont.woff2
turkru.lol/templates/turokserv3/fonts/ 75 KB
76 KB 56ms
56ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/templates/turokserv3/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: turkru.lol
URL: https://turkru.lol/templates/turokserv3/style/engine.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://turkru.lol/templates/turokserv3/style/engine.css
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 08:56:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12d68-5d006d05277c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0tfiV3nvgydQWopUg31Bq7m6o3YAi4HcJXbyJHZ7pT9UWK4TGBNe%2BYTmAL5sllrYhPb%2FuWswKzy%2Ft29qMIDFYPF9gMDY2VEp3sx2k%2B%2BurFJwxu6hxtB%2FvJFIOoJq6ho7BwxGspNVQ3E"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7cadc8ce8a029a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160

GET
H2 200 6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v17/ 17 KB
17 KB 77ms
28ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v17/6ae84K2oVqwItm4TCpAy2g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669ad8e27574eb5e9fcf9af7c0e103081d7e5be1ac28cd7c3d110591a8dfab88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:35:20 GMT
x-content-type-options: nosniff
age: 85307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17216
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:54:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 15:35:20 GMT

GET
H3 200 styles.css
turkru.lol/templates/turokserv3/style/ 15 KB
15 KB 50ms
50ms Image
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turkru.lol/templates/turokserv3/style/styles.css
Requested by: Host: turkru.lol
URL: https://turkru.lol/templates/turokserv3/style/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/templates/turokserv3/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 22 Feb 2022 12:41:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6214d9f9-8ee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vG75ACdoD7royqTB7TETvtpJ42lWHdWMFojmeYdfj1pjNkgjB62Pqs2ST%2FZqgGdYU7gtcUTNMMqXU7KGEspHIAIy7uaM6zGITGGIRsXe0loLdZYp2Uc5pERfYxoVQrKrf1n9lqawYXo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7cadc8ce8a069a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6aez4K2oVqwIvtE2H68T.woff2
fonts.gstatic.com/s/play/v17/ 9 KB
9 KB 95ms
51ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtE2H68T.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f752b81dc0a3aa29edaa55262ebc397a6c947b15c1965698656f6f94162a787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:21:19 GMT
x-content-type-options: nosniff
age: 89748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9248
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 14:21:19 GMT

GET
H2 200 6aez4K2oVqwIvts2H68T.woff2
fonts.gstatic.com/s/play/v17/ 13 KB
13 KB 78ms
46ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvts2H68T.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0f1198a2aeb9ec838aad16d47581277480ba751bb52a20e1c2776986c5d6461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 17:41:19 GMT
x-content-type-options: nosniff
age: 77748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 17:41:19 GMT

GET
H3 200 share.js Show response
turkru.lol/templates/turokserv3/js/ 97 KB
33 KB 1187ms
1186ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/templates/turokserv3/js/share.js
Requested by: Host: turkru.lol
URL: https://turkru.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 022471387b2a5bb26e0ab555cfd9d6d2d07018e3719fb5ca94e59e0f3f76b62d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 08:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6184f1a6-1837d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Jj4aWwQmuxnK09xq6BsqTk87uWwFQhB9GlMVlWrGSoJgXE4A%2Bwwy2%2FB8idl1%2FjlExB5gjigQg9K6xHrwSTNx6t%2F1eUXM2AFLyF93spRpzVpBgJMH32rUuMlwTamvaD%2BleEBFIx6ujvd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7cadc8d3ffca9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 libs.js Show response
turkru.lol/templates/turokserv3/js/ 48 KB
14 KB 515ms
514ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/templates/turokserv3/js/libs.js
Requested by: Host: turkru.lol
URL: https://turkru.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11dd06fece5523f80a795c4a5fb5fa666773d99a78b01dc010b1da6edca7808d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 08:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6184f1a6-c0b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8elyRZwDYLSem4jfxFq0XyhC25S%2BC16cvboZMfXj7ZJYkfEBf8l13XAZ7Cj0rDv9PojDCtzhHEvpZKltMCi6ZkF9AUUmesJsPkG50toI12Ll9%2BZ7ahmsDFQBe%2Bt1fX448nEsSxQ6X51"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7cadc8d3ffce9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 index.php Show response
turkru.lol/engine/classes/min/ 130 KB
36 KB 137ms
136ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/js/lazyload.js&v=27
Requested by: Host: turkru.lol
URL: https://turkru.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33557640def8bb692ed385b23b4ff2c69afb4a83ce5d16d66ccdab77892b16b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 08:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"pub1636102566;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=of60JlkzNvxITqqWKQuXB3%2BOAg5C92XUN2nF7gMB4l%2Bs1C1HBbkhI2bhS51BGVANSfdWqt4vUsGwmzJb1FkiOB9xJhI1CO2GYNUfYX%2FWcJQoYQz29cyMELLW8NuOPoX%2BCzFuZiq%2BsxJp"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7cadc8d3ffcf9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 20 May 2024 15:17:07 GMT

GET
H3 200 index.php Show response
turkru.lol/engine/classes/min/ 84 KB
31 KB 1192ms
1191ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/engine/classes/min/index.php?g=general&v=27
Requested by: Host: turkru.lol
URL: https://turkru.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/turk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 08:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"pub1636102566;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cO4NW2VUO40q9JLNhXPlmc2V6%2Bgdf9dI8XZ7Q%2BuoynX2BQyEkmdV8gpxMME81QPRPe%2BM3j9ZyRnTS3ZFUVoSQXdqfWxm1Yn3k2oCT3zL%2FCaaGRASkRsxXmTXLFS%2BXIUJQ4pY6CyTbbOP"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7cadc8d3ffd09a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 20 May 2024 15:17:08 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 295 KB
86 KB 262ms
141ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: turkru.lol
URL: https://turkru.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cad9e42efafaf8deab9e5f8b733566f20e31379e14624e29b11945cfb2283808

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682227973480-5278289404559992438-balancer-l7leveler-kubr-yp-vla-162-BAL-7803
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 21 May 2023 16:17:07 GMT

GET
H2 200 hbconfig.js Show response
cdn.adfinity.pro/partners/turkru.lol/ 6 KB
1 KB 47ms
46ms Script
application/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adfinity.pro/partners/turkru.lol/hbconfig.js
Requested by: Host: turkru.lol
URL: https://turkru.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: c094a8bd92c23305c5f30163b280313d8062af507b6b45b8a4833ae1e470abb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-id: blt-up-gc15
date: Sun, 21 May 2023 15:17:07 GMT
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 11:23:13 GMT
server: nginx
etag: W/"6433f1a1-18ae"
x-cached-since: 2023-05-21T03:21:44+00:00
content-type: application/javascript
access-control-allow-origin: *
cache: STALE

GET
H2 200 adfinity_1.1.js Show response
cdn.adfinity.pro/foralls/ 67 KB
17 KB 52ms
51ms Script
application/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adfinity.pro/foralls/adfinity_1.1.js
Requested by: Host: turkru.lol
URL: https://turkru.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8757d4316ee181c5609654bec7d8dfd07b54f32003cdd878a0a0a8d3beb09cd4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-id: blt-up-gc17
date: Sun, 21 May 2023 15:17:07 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 06:31:58 GMT
server: nginx
etag: W/"63e1f05e-10a21"
x-cached-since: 2023-05-21T13:47:32+00:00
content-type: application/javascript
access-control-allow-origin: *
cache: HIT

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 115 KB
34 KB 184ms
63ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: turkru.lol
URL: https://turkru.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

27d7e2287ad69345b444dd8a3061d25d97fd58b1c9c0fc5e8baf3e4b9f0f70ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682227973841-1674351675619385123-balancer-l7leveler-kubr-yp-vla-162-BAL-5345
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 21 May 2023 16:17:07 GMT

GET
H3

200

invisible.js Show response
turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/ Frame FA86
Redirect Chain

https://turkru.lol/cdn-cgi/challenge-platform/scripts/invisible.js
https://turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

28 KB
13 KB

28ms
28ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b5be45a060c3eca9cb98b8690d182f8de1ec6a6e88fcf016d12c4615db36af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5DkrxZNXugJxMp83dPitHXoGqUtNT1t3TwZEUZXsLyjx%2BXu7NYc%2FrVx9sqwttWRjLDznJqrTRBRrL1RyK7BqqDjY%2FDGsdj0ejdzxrzKG5FNsCqhSZXtHTwNVxBtdZYvzkDBXptUoXqV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7cadc8d4380f9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 21 May 2023 15:17:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcwUI4aZ2r0dUj9SG7MTNTH17bJXMY%2FlSi3BdjlJ2SF9nkF6E45BMv%2Bj3cUJjJ7SLp9XaeZTS53dKzzPHDXKLnj45GQMe8MicmeJni00DwA%2FsG2Hodp9jw3Pdspsms9tMKwejWVrAVzh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
cache-control: max-age=300, public
cf-ray: 7cadc8d40fdc9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/ Frame FA86 6 KB
3 KB 26ms
26ms Other
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26fc047e00a872223bef48b57210bd28631ba1ae236d39aa1396c9b500e6e3fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PydqLb4vpS4g6hRZBDpO4q3Jnn1ofLXpeSjuZnmGc1P8agCTyL7lRsMTBFK332H9eb%2FNsZkb0ro3VeaXNGR2V8c0eWi4Zhj1P0w0zDi5IDJfMgMiazPHQulpVAeuKICvEot55bDOwx21"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7cadc8d468639a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7cadc8cb782c9273 Show response
turkru.lol/cdn-cgi/challenge-platform/h/g/cv/result/ Frame FA86 2 B
627 B 42ms
41ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/cdn-cgi/challenge-platform/h/g/cv/result/7cadc8cb782c9273
Requested by: Host: turkru.lol
URL: https://turkru.lol/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GB6br4zfuYMbgSZTpJfaWFHj7b5n5uXDjmQ13cYioeSiAlmWxu3fDfEHqDY1as%2FJMqmWS97wXxv%2BUBV8Jmh7ROq2i7F51kbdRr1qA6Sc9zWBHdOTxn0EQWBDueStxiHelknAV%2BFJBoXq"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cadc8d5a9a69a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 87 B
271 B 210ms
65ms XHR
application/json 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

747cac8d8f9d1725849aa8741089a4c58bafddc8619c80a9341894af23f7bbad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://turkru.lol
date: Sun, 21 May 2023 15:17:08 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
timing-allow-origin: *
content-length: 87
content-type: application/json

GET
H2 200 839772edf4820974064b.js Show response
yastatic.net/partner-code-bundles/773586/ 9 KB
4 KB 51ms
13ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/773586/839772edf4820974064b.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

10bd73a817c1fef28c5c838ebe72787de5f991a7059ab940566bef8ed0689644

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 3560
last-modified: Thu, 18 May 2023 11:43:39 GMT
server: nginx/1.17.9
etag: "8436817e477ac22a2e22ae5177cf88d7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 20 May 2053 21:50:58 GMT

GET
H2 200 1fbfe30e3f67060b7141.js Show response
yastatic.net/partner-code-bundles/773586/ 30 KB
9 KB 61ms
23ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/773586/1fbfe30e3f67060b7141.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

04cb71d9e236a499a24e103f9fde96ddc163303263fb4c9444c878cc94ce477f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8568
last-modified: Thu, 18 May 2023 11:43:38 GMT
server: nginx/1.17.9
etag: "a1b4c6934472c9e585403aff2652fe29"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 20 May 2053 21:51:23 GMT

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
298 B 319ms
79ms XHR
text/plain 195.209.111.22
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turkru.lol/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://turkru.lol
Pragma: no-cache
Date: Sun, 21 May 2023 15:17:08 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
891 B 310ms
100ms XHR
application/json 96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://turkru.lol/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://turkru.lol
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST pl999
ssp.bidvol.com/rtb/ 0
0

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
500 B

31ms
30ms

XHR
text/plain

148.251.156.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Protocol: H2
Server: 148.251.156.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.156.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://turkru.lol
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sun, 21 May 2023 15:17:08 GMT
server: nginx
serverid: TODO
access-control-allow-origin: https://turkru.lol
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
249 B 203ms
59ms XHR
text/plain 194.55.244.184
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.184 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://turkru.lol/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://turkru.lol
date: Sun, 21 May 2023 15:17:08 GMT
access-control-allow-credentials: true
server: nginx/1.23.2
content-length: 11
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2 200 adfoxhb Show response
hbe199.hybrid.ai/ 11 B
266 B 192ms
60ms XHR
application/json 37.18.16.6
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hbe199.hybrid.ai/adfoxhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.18.16.6 , Russian Federation, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://turkru.lol/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
server: Hybrid Web Server
content-type: application/json; charset=utf-8
access-control-allow-origin: https://turkru.lol
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 10101
content-length: 31
expires: -1

POST
H/1.1 200
OK adfoxhb Show response
ssp-rtb.sape.ru/ 11 B
575 B 194ms
64ms XHR
application/json 193.3.184.214
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/adfoxhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.214 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://turkru.lol/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 21 May 2023 15:17:08 GMT
Server: openresty
X-YaTraceId: e4d5f309e0b5492a836082029ad5c811
X-YaRequestId: 12742549bd1b44e7bf639c603e88cb8d
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://turkru.lol
X-YaSpanId: 4b452c5c46153849
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 11

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/sspmatch?p=42565&r=${CACHEBUSTER1}
https://ads.betweendigital.com/sspmatch?p=42565&r=${CACHEBUSTER1}&crf=1
https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=8fa756dd-cdb1-538d-8ba4-eb77efcede83&ssp=between&expires=30&user_group=1&gdpr=&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf

68 B
598 B

101ms
101ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf
date: Sun, 21 May 2023 15:17:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=2B03420AF4356A64C902F58A0258CE69
https://acint.net/match?dp=14&tc=1&euid=2B03420AF4356A64C902F58A0258CE69

43 B
269 B

23ms
23ms

Image
image/gif

167.235.177.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&tc=1&euid=2B03420AF4356A64C902F58A0258CE69
Protocol: H2
Server: 167.235.177.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024479.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: /match?dp=14&tc=1&euid=2B03420AF4356A64C902F58A0258CE69
date: Sun, 21 May 2023 15:17:08 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
server: openresty
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

sspmatch-js Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=1253054506
https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=1253054506&crf=1

827 B
1003 B

102ms
101ms

Script
text/javascript

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=1253054506&crf=1
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e0faa732f90904cc34bbaedb95878ae36cd28d4596f8238b56de987bf65aa5f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 827
content-type: text/javascript

Redirect headers

location: /sspmatch-js?p=42565&randsalt=1253054506&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t50.5;r;s1600*1200*24;uhttps%3A//turkru.lol/turk;hTurkRu%20%u2013%20%u0442%u0443%u0440%u0435%u0446%u043A%u0438%u0435%20%u0441%u0435%u0440%u0438%u0430%u043B%u044B%202022...
https://counter.yadro.ru/hit?q;t50.5;r;s1600*1200*24;uhttps%3A//turkru.lol/turk;hTurkRu%20%u2013%20%u0442%u0443%u0440%u0435%u0446%u043A%u0438%u0435%20%u0441%u0435%u0440%u0438%u0430%u043B%u044B%2020...

140 B
626 B

53ms
53ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t50.5;r;s1600*1200*24;uhttps%3A//turkru.lol/turk;hTurkRu%20%u2013%20%u0442%u0443%u0440%u0435%u0446%u043A%u0438%u0435%20%u0441%u0435%u0440%u0438%u0430%u043B%u044B%202022%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u043D%u0430%20%u0440%u0443%u0441%u0441%u043A%u043E%u043C%20%u044F%u0437%u044B%u043A%u0435%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u0432%20%u0445%u043E%u0440%u043E%u0448%u0435%u043C%20%u043A%u0430%u0447%u0435%u0441%u0442%u0432%u0435;0.992657488034032

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

cc0fea61dfa11909288040eeab295caf899cbf5d8ce7d07649519db384198df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 15:17:08 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 140
Expires: Fri, 20 May 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 May 2023 15:17:08 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t50.5;r;s1600*1200*24;uhttps%3A//turkru.lol/turk;hTurkRu%20%u2013%20%u0442%u0443%u0440%u0435%u0446%u043A%u0438%u0435%20%u0441%u0435%u0440%u0438%u0430%u043B%u044B%202022%20%u043E%u043D%u043B%u0430%u0439%u043D%20%u043D%u0430%20%u0440%u0443%u0441%u0441%u043A%u043E%u043C%20%u044F%u0437%u044B%u043A%u0435%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u0432%20%u0445%u043E%u0440%u043E%u0448%u0435%u043C%20%u043A%u0430%u0447%u0435%u0441%u0442%u0432%u0435;0.992657488034032
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 20 May 2022 21:00:00 GMT

GET
H2 200 9941158ee98d722e32ce.js Show response
yastatic.net/partner-code-bundles/773586/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/773586/9941158ee98d722e32ce.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

30f17fdecea05c16ec978c460f68fed81cf42b36f666aee1e927d75d6bc7e383

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4771
last-modified: Thu, 18 May 2023 11:43:39 GMT
server: nginx/1.17.9
etag: "f52a8cf78d046ea95aa94da54142f793"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 20 May 2053 21:50:52 GMT

GET
H2 200 5a20c1ed6aa62ab75c58.js Show response
yastatic.net/partner-code-bundles/773586/ 114 KB
24 KB 17ms
17ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/773586/5a20c1ed6aa62ab75c58.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2e545c30b6faca9e196b9f01beb30efbe95ebfe02b0cb8bda1bab30910fb5d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24228
last-modified: Thu, 18 May 2023 11:43:39 GMT
server: nginx/1.17.9
etag: "5ac13d94910d61574d8f45c747f9b908"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 20 May 2053 21:50:53 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 24ms
24ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 20 May 2053 21:51:48 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 25ms
25ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 1e7176bc4e82140b
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 May 2024 21:05:54 GMT

GET
H2 200 5a7f739e3395665baef2.js Show response
yastatic.net/partner-code-bundles/773586/ 23 KB
8 KB 14ms
13ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/773586/5a7f739e3395665baef2.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c71d59ff8b742c227151b438445875b4b36de6614aebe73f404247cb3ec7b68a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7923
last-modified: Thu, 18 May 2023 11:43:39 GMT
server: nginx/1.17.9
etag: "1df06f12f8a24bf20c243b6c68544837"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 20 May 2053 21:50:52 GMT

GET
H2 200 9229cae8a774cd8e6842.js Show response
yastatic.net/partner-code-bundles/773586/ 7 KB
3 KB 14ms
14ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/773586/9229cae8a774cd8e6842.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6a0e2414f257039e674979ef297cebd0ddabe4f162a15fbc79ac787245bd5504

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2076
last-modified: Thu, 18 May 2023 11:43:39 GMT
server: nginx/1.17.9
etag: "b4170c385a640e62ab139b0a9eadc1a9"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 20 May 2053 21:50:52 GMT

GET
H2 200 06d5cd35c9ce0cc744aa.js Show response
yastatic.net/partner-code-bundles/773586/ 619 KB
118 KB 15ms
15ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/773586/06d5cd35c9ce0cc744aa.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f719696470a011899151234c69dbf873ecbb846af87845c57f0c4124c52e9dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 119693
last-modified: Thu, 18 May 2023 11:43:38 GMT
server: nginx/1.17.9
etag: "f545e85ad3b8b36200c05d9d3b1b2763"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 20 May 2053 21:50:52 GMT

GET
H2 200 2122350 Show response
yandex.ru/ads/meta/ 27 KB
13 KB 244ms
244ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/2122350?target-ref=https%3A%2F%2Fturkru.lol%2Fturk&charset=utf-8&pcode-test-ids=769368%2C0%2C64%3B764544%2C0%2C90%3B770129%2C0%2C26%3B773672%2C0%2C68%3B771762%2C0%2C59%3B774070%2C0%2C81%3B771976%2C0%2C44%3B767668%2C0%2C91%3B755255%2C0%2C52%3B765109%2C0%2C99%3B767363%2C0%2C14%3B765112%2C0%2C46%3B769224%2C0%2C10%3B769629%2C0%2C7%3B764267%2C0%2C64%3B766403%2C0%2C95%3B773586%2C0%2C6%3B681850%2C0%2C47&pcode-flags-map=eJytWV1z27oR%2FSsdPd9J%2BQmKeQNJUEJFEiwAWlHu3MEoia6jju10HOc2TSb%2FvQuAkkjJBu2kLzZFaw8Wi909B%2BvvsysslFiytcKFqnBGKlUyrmijMtw0hM9e%2F%2F599tf25stu9nomeUdmv80edp8f6Af4jFAYRsnsxx%2B%2FnWBazooul0KxRrW4E8SJkPhpFFoE0uCsIorkrD6BVFRI7cwVLQjTD%2FDXjCnM6xHs7uu%2Fz1DjMDaoBRUGNmddIxUnBeUk15C4bd2eBV4UBce9wUZU3VWSclZVgNZI%2FUC4WmOZL0mhJK2JYmUpiHTjhoGXnMVMUgku4qZQGSs2%2BiRazHFNJOAXpMSw7gizxJUYg0ZJhE6gnEi%2B0QfQELlmfKUI58x9lEmMoiQ9IvSHIXIMPyu6gseOX5ENIK7BJUEXjRsOeUmYXMD9CoaQBuOKcEHZ2DJJvHkYjWyTEPWZ2TW0YriAUOrExvXo2B%2Fuv%2BwGZlEwD1PPmsGBC2Eq4czmPNsGRnBygpBGsUwQ2Oo45Lu77bub3cgyREFqvSzpG1XDWktCF0upGuleMorD1DeGG0gb8kbxThWsxrRxmcVeEoTouF7G2QqchbXUgtPCaekn8Rw9uqCCEpOcZk7zwPdQZMzfkiZQZQdFtKaFXCpa4wVx2kZ%2BNPdOtoeKzhjXh8pxQTvxt2cibLD22zqscLXGG%2BG2DJM%2BzkXZQl2JljWQGLrYWTcuysDzvLFt5IV2z23OCt2CwLSR7vVigOlTqWQQZaJz97CeIm%2BcaQFLJklwaU5L3VPWuoggO38G4eDAFa660WmF3uPWFcG8UTXjULGYU3y272C0aOx5fZRbThmncqOyDfR8sm4ZdwcMJaivvUNe9B0%2BF9xpmPrJfJCRVKgcQ5eUCuc5nJJwdIk4DWPfH9maLBaQ0nKpw9TioqDNwg0SxZH13HATpLLctESFbq%2BjeRIPjqfmOcRJ0IxWEDX3cmmCnrTUZJFXNF9NrH7AMFRoFYKCBltSYECqN1Hi3F3N6Tzo6c%2F60YNYgpfMkF%2BFNxnOVwOadUEiL4jCYHQcS2IaPtD9Jc2cW%2FtxgOw5aF7ipIQqX6qKLWjutpuHfUsDN0vKa52znDQHpmk5ydxNFUFXDPxR8gLrcMgkkCogKiACulGKnGtOEcJZ%2B8hP%2FSgaKqkzzdQLCXhR0oZKAkmar0B%2BOOsLRbGH0MhFUWMu1T870hENPuVWjBCKjyQulxz0zplnRp3oDKQN9BcKHFpNeJX4SX%2FiIFAqMO3jjktdR7TU4kkZ1ncfQDJPUXqk%2B5JTgKk2ytpr5m%2FdmxvbZysl6Ftn%2BiOUhv0pDSyESZhxVNzrppGXHFGg1xYawamJEZpHyD9fWdWgiLF7rSDwbKwHyaj1gtZwK8ncEZqjyA8PVQK0C6oetgpJo0AHWx1g%2Bo6l9MsrxwVeMg8vdyEX7j3AMc39YW2cJOgjoTdtfOqOgdIA9aLCVoRY0VZJbvrWVCdFKVx7rPHZ0mXFtEotesk8ATLvq%2BApEJNcI4w%2F91%2FV7far%2BrjbX398eALO3I7UimQ4UyAUnVctDxhpVIq2mtdLyJJBwjTArKZPLjroyirr9GUsJ%2FTKXaGJ70U94XGubIOWHSgLW%2Bkm0KapdIvlxEUTkGypVvjtxjQHZXTZ0Oz77M%2Fdw%2FuP9fb%2Ben83e%2B3HoG5uP73b3%2BzE%2B%2B3N%2Fu569jr4MUKNgc4GSWDbIsg0lVU6E%2FT9dbjA77Pb7f7m1f0X8O2%2F27sPu6%2Fw%2FPf97fZ693n06np7a958%2BLa7s1%2Ff%2FrV%2F%2BGQfb18NPny42%2FdvNfIRAV7cb7%2FdfPr2sf%2Fzt3v7%2B8v99tXd7j%2BfL77wr%2B2n270x%2FePxLQ4r7nS07uNDhzwfGev8xBMHD5a2ZBssIU2gU%2FFF36%2BUxAunbgd2CAbNriSQcpzgXMLNccIwDr3gUp7QpgVa1vrkheIE7qEhmj8JOGhH0D%2FcsTwhCSKPdG5gmq7OJvyI%2FTCxJ2GmMmYCApbAuhnJLd0ZOejuOQCTePHxBqn7OMi%2F8zK6sEKB5w%2B0EvQAO5SBjqFj6bYNge6N7QKsAvC42rgN5mk%2FNhDATmZyAwGTWo%2BrbJGzirkjheCqa1MA1FFXFUrfBzjppzRmQqOlAQi%2Bl7F2kgBp%2B0Ng45rcVGTRAcovo75kglYyphsoLnCrq2u0wvuHm3FA0kPiaQlXsWYBFYwXqt8FcAVoJkt%2Fegh2cUd8ZF4FurKXQUdI3TQNLLieEyHgvAAKnH9TV%2B7Wnnh%2BkD4fTOt00HlKbCAQ1YSjP4ENdz9VU%2Fs%2Br5jQdKdlwRkT%2F1%2FWIo0ZLXS8Es%2BNES5EsTqfTel5WRKMLcybc%2BWWM6E7oNpgBYS3IprGAcwp102K9lddIew9Ebhjuncm%2FuG%2BObKBxMMFXCMK5p4CP2luJLedtI0A3u2vXwBg5lfPtNcNvr%2BU6vJ%2BJnuiBB0K76x6T8KqL%2FrBG9Zqmuu%2FXDP3EnEcxPHEEpJ1%2BdI0qwwqW2s3qccF04009r3057H19yvcFCLH7QS9PGOh%2FrLyS9sYFoK%2Bxx7mC%2BAmX0z0UE3fz4qFUcq6bWhuFlKrSk7%2BQXI5oZTBTT84Z5d%2BSMqgRHXVvpBa4I4THGibm6kal5layrOGfGmGgsuAmRGZ1X%2BnKR8FAcAwn9hZFPT%2F3DCC%2FZHepWfT495lp9U%2F%2FgcfuOlB&pcode-icookie=v7ivHypBl80%2B6hluLQlCBz6L139BwrFRogPAOtLN4Wn%2BhOef6LyO%2B%2BnbiNK0iloCS2y1eMLjuauz9dUXiGqvO9K%2BFkI%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=256186209271810&ad-session-id=9045891684682228260&target-id=82589870&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fturkru.lol&top-ancestor-undetermined=0&pcode-version=773586&pcodever=773586&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A258%2C%22h%22%3A0%2C%22width%22%3A258%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A271%2C%22top%22%3A1776%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjozNzF9ChKjpLDjqO2BCFCXDsP84Xccx93cJg6ZqLVbapOYWqrrUuWXXzqjU0YHCfu8kx16enIc124cO45LBEe1MD8_z8gBvTCgJ6BNqqAqFjSjc2jyaNPDJz8WLBitqhhUECtWLFrEGj0tUk0KEBpQUqFaSCWkCRRC2IEskAeKVEi9gNMsUGEgFVKkbGjY2NJAFIgD6WoTBOJ0gQpTIc1CSb2KZAtTkgpJA0IhxQKuSAPVQkAd4I8CoXrViNJAmQrhBKKVSiQELVCsglUWCilH3apWBgq01gAYyHAcb6FWU7JSqC-7Wkju4A1atgB6C7C6ihUvHF2QVg5J6RAvQNnogXL9MItAvBy-GuhXuZAFyhVtxYM9HFlRKQYWqAPxCCQkTQNQFyia7Xx49iyPklEN41CMZIrl5nZ65V4dqNcnXolWb6UhGD2gh0XbteViQCKk2v5tw-TL2xaceoTeZgFye7iMGYVyIU2WUhSohFQB0Uo24m7XIEgDmAuEdIHoLgVQBjAh-aomWlWrx53brOAtoJIzaBVQCSm3gi8y3rk8BT4nabqpUxrRcm55hT_dFiwqWhY6rclsYaGLE0YLizbSmmMLZswuFvbmJ4sp1iapMTHF4HMyxjomfYRIGxmMnCmTwaiNjVrwOQOYK7Bqqj08XkgEW_gaKBco8bvgYKEQjpOFo2zYZ92-N8OUDnYSDDMIN9dWgqL205tOTGWlyTL5iQ3iZRJPeaF3ea-awJ6iQBhrtx32FEmsY4zgRvZ062-gtaJEiYZ3kwGPjL_Dw5XKj6sVd6d4t0V-rYAwPe9IJlGe9OH2Xx7IOdmd3aGN4SEw6Bl1rgZBEaAU-JnNnZF4ppgrq6dJtm4TyVsaQnrST_-taCBEwysvcaTg01_2ptXMBkZ4FhbGCGHKZE50OvA5EegTRJxObWazgYk2Zdo-xvqUAb6NyWB2qF993QIRJ3qGCP7CNSWRMcMsIBpmQZLS6yNGm5ZOY2J2yKuLtLFtqLsT8oWpXYV0rBbsPu1tM6sFrWDMJsj3xk9Nt6xTkNdYsle16qf-k2miEZVKCMsvRV_A3tVcUC4X0cop_aWs6JdqYIb-BxE8IZQrsHT4N3LbV3lBRDzspXx2jpgr-x5NsU5I2kkibu5RnII2dTh9phrOj-DTMbI55GnRPvhob5tXbKqFTbqiiq-B1zFzpAHwmxhZCFj9qcoHz9GlfKTv6p9Cjc4wceTddp4Sq1a1dLQmUdTd2oUxyXHmi67nprS_9Qmzm-L2pmTyM-Vsly5kpEKyLclQ0NNV8QJAlj4yUlRjxM256ehFOlNJRrpAbn_6ThE3fXPZRljVz58k738nTEEKkS8Tv--94ptkPgTOI4N86yP5O8qrswNvlcmq-ef19geka9Kc3S1T-Ezc8hE9v1v_McXPStFbPCF00k8xWSCvYq8o03OSM1pZZekUe0emcSvPvPWTSvlsmRJcWOpVAMvf2wR-EkszIERnpXi3OJl9fs6jcjkIi_svhoJtZXtkE_Z-neo629c5TNlZvANcYfdzdho18o_QlS_SLsPItm2EMYA0tSQ8J8gyu0fJJP7y-BRhAreQ1F4D1xP-1NYvRTPsdW8leyyyzpQ3tqo3dJNg2LtdzwmrfPq8NGlRlMkeSTNG-tKD1iHf_kSaEvr095lMNeWZkVay_dvn7aVZjEf3JzXFTLPRF_da6-i93QZugZz6yB6pfuFifzKrD__9fR3OHHnTutGTVIYoHljD1hV16qVv6OQjib-TqLsFroN_WhFXioT2_DezTjKNffo4kvmDX9QZ3kGQ8KKTnpq4RE3PLOmM-7ndBxghxbKD1z6dbH6yTZ3Eh6l8zyYwE9SWGV4NuybnSM71fj-CWkNC0OcvNsskxf1hTm1__OeG-o82aUT5w1AVGfvsmMyRe4zHb-K_H11FvEd7UfOJx8_mX9kBCCFprNZRk1wE97H0uVDnC3e2-RH6fMttlAy5fDgGqK268qVrXh5-BefzcYGA9CkFme3xwx26StyxqUSYc3AkvjLHkJ61HTdpqi0z5-YlSTpqOdnTx9K55Xq0yhw4p7fy3HpJx5vhu-qsX0jeAclD0MBexbKHyZ5R4RO7ovA_wjXF5xS_wcWPOlOEuS2lKyo3zRxpfhZ-SD_z82FfTeiHWcH3WcVU-a_-EWTfua97F0_21G4CYSf6P20UzbnOB4trT1c1Wm2mXqetzu1fYX3LRjZVPsn5W8o9EJxRKsu2sCUnZTlzoGEe_pxOv33HwqGQfgjwSBw1LX-Syi8S4slzF7smye0OChz2_5f3v4XCrx0_m3WbzoGWhX3nkmMp0Rn0Wp1t9sjMF3MM36Y3IJi1ZM2qjYYeIjjmPN-dZLV4XPQAdHLMWyEIIi2dzZToaDn5lNoiE326AG3MBvgOOAN9M25mASKdzRwZR_oWiEeTbdoY_qyDZLvNZhHwSy9H2BayxAmh1mBjSBBycpNuiO6CHGEcXserp0OUGC0BcLUO5c8hKQQs7NdIwdEn5ijmLZEgBNB78LsgS4yJOUWGB1RQXWRGH4qNOW4HvIv0F6a29FD58mkTrUaHitOC0s_vzTIwIS89GCU0pPORxy17PHPPW25SpgusalUtyR7Y8tf6UsIokjFhBelP76-rHODS3pl9t8TPkx_S96SLmNrpoBpycQe1_EsTQNz0ROQIQzPiYV39A9HbtZ9NPlOnNtPQVcrDHYoxFLB9lcR5p5QY_dQDnfgVkpdf2Seic3Rp8kiq_f0TOZ15g4k7pBX5aCIq2cvTBCllWkTkfsWGwklDudN2ZoNWazC5DpjX9esTbWSkX1gac9bVGCOtzdcwRz45QKPXx0YPrhUNGhZ2czSql8748lltI__COd3hrZ6t1LNxVc9a6lm5qoe41EPMVT3qUo_aU8-uMVsg00iEBm2sWzbG43m3VtJkeBG90aCPbbrYHDONMBD52ULyE-0QqOSTilmzhTd6L8fnc3V-CV51wvx3wu_4wJ4zAcweUYKI1ojrK0GiTfSIAYurL0GBMB7HDLd_YWV13ovvfcRMhwPw4pP6JKb8SOpjhzeh-zuy1lF2lzax6Q1W_S9kPvlMLOgh9sgyK79_Dvdo_V3qIRX--JqR3F-jGr_41Q3VVpYf1NaxXdTEsu9Iyo-osO4I5Cblqk64DU_qIUjLcwu7cLebo4Q1EeXl9m1y2Z3mhe1dJOcm_xB9DoXlWXQyIVyBoI5Qks5kTP4vEGKgg2Fj5X0wIUa_GJ74bdjzL0Aw7s5J6CNc_wtipIituHoYJLEOWQQ34vYwVvfFYJp5k4fR79d3aJZPR1GkvmPHq5vo4XRah-Vy_MaiqRlXfh_fuy3-hc7JkO8SE2WPKrVPVJDfO9eY9IqFmd06hbmiLkng-D5r36OjTk_CETW-_d2g6m-X-xgLF16Z8YnH6yTvON9emcYddvmT773uAXEv-riIoJXv893NvrTc8Tvps8Pd99qgfw3WfA1qK9_XYPS34WL0jS0u8S1yFNOaY32EC284Klw9DPLYGKFgYIi1XP4FDWqHd7w_aAuAmeYLCOXyUE6aNQ48UWHjHt-ZvLGMwhNmfbxMJ27XtfYsQXTjdxeea4-mdqYV3qjL99VjplzX7Qhr_3ceUONdH3ee506voUJ1zh47VfVPGkds8TM7qe92yrjP923PSx0rSNQcDAXcGsf0LEd0bxHpY6k7Bt9unrhd1XMjHOnTUob-MFjzMFbUGMdZjre9IfYcC_JEz5zoDTpzok9R0DLukcGNjCk4ZiZsmSt4-sOtqJyHglSDTMOMmV4F5sQhRRmEKxwv6hgquN4iPPD2TnEf6I8vE7bFWBlfengP-zwA27cg3GhOY28L4s5C0NrYV-nhQIxb-dxVj9rBhhlhVV4C9VU8-oqyk-O2lwEI54uqPcVK91V42DBt6S114MyQHOeH8lwIBQz3RZBKO9AdLjh0IqwYyB_O264Fex4FiKbEGGsx2VyxoWbzcPICOQC6J_x4AI314duqA7AO7xtuf245zsQX02GW7zwSoBvj0O7Z-HcflV8e5yrV3TQzNMroTnYbPfLb5d9--7aM50hLFJbP4rbbN8u1ezbitwpzm5cTZAf3OLkdsNFvBktuhhXDYOvxo-7Gnp8BN2ZMaBM95roZiIH8RwOzn6j3zCwt0pt7keYP8yzJbzxE9dP0DMslvo3FDSvaZE1ZdnD9KrDTEh-_Hqa8QcD83PYc7A5rAQIHFl7hsSldlmuibJ4uvvUHTRm4lcn6LVbVZ5UoQ-g2GpccwrIIapOWsjylOKagguMIXoWgTxVTz9r7FmrULWvGDiPwLF0Ut_pSlv8X3SeOJXsGDcZ5Gtyi6MMW73dsTJFrUvAiuv2dFAm9KYGbmHD9GyhwYREO5hJn5O3MX-qxfwUGFzNwq8OPAmVer2wz98Yxj70h0dG3h23NAsxtMGUCJud8CGV9W_P25MuOCjIbxdxSIyvtjJW1EUk28XDZAVAdmXnZi0juEWjfMpWHQtVDpn07FpBbjXdDs3PIvaBL7Nk4jAGQB1HlQfsrGuWuuNHPU7-qVBWAB_9uobY1glB3BM6YX3KHVxh9mGDJX6DCGMsE10hHsOctwIK3JUQOjzZFEps1tGYNpvSZoIbIeR7gGcyM4EZmExhAZmd2n9qdn7bvjjJtHLS1QL17BFIttcO2Cjxy7zm4Rqzclrcu7LKjyy5EaW3U50CIeNOORtTmr4h7uAfbSurpKc-rO14ywm5RRtTWPulGlEc-FPymcdJ7mkc98SUoxInoawNL3NpsGMl7gu7YBjI4th2YdG70JaEDFVzdk-OmOPnSnxNv_Lowo3XO6AxDPi8LQP9roPsorwtE6ON1J-27cLvCwx4ryrTOR9xop75qfKtqhWfc3Xhhs0BUl8rlgHYiR3TjsjUo-c-GbP8M5wbbCg_RZCFIQ58rWIE4GjsepwtmMyajrU8FOdyFSiyNiOY4yoTZiEAxxLfuu4BciBL6qGTzQabtYsrCjeiTg224qEa2rFtBu4BJVTapkifVi8QCUQFDVcAgLGAoC9h4ZhN-AQH9t-bg4PDEZW3I&uniformat=true&callback=Ya%5B6040716497773%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

508960432accf3edc40727ba992dd774a9c431e42029f20443d96ff74f698af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://turkru.lol/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1684682228315645-17654125850159780400-balancer-l7leveler-kubr-yp-vla-162-BAL-6848
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: MediaCreativeReach
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 21 May 2023 15:17:08 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://turkru.lol
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 21 May 2023 15:17:08 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 192ms
60ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://turkru.lol
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://turkru.lol
access-control-max-age: 1728000
content-encoding: gzip
date: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
392 B 133ms
60ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://turkru.lol/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://turkru.lol
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 164 KB
58 KB 241ms
117ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1a688f34db585f469b29f57295dbef6c0af5c4d4726d8e028fd6706140ce086c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://turkru.lol/
Origin: https://turkru.lol
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 18 May 2023 11:29:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6465e1e7-e52f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58671
expires: Sun, 21 May 2023 16:17:08 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame D2A7 24 KB
7 KB 40ms
13ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Sun, 21 May 2023 15:17:08 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Tue, 20 May 2053 21:51:58 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/protected/ Frame 24F7 24 KB
7 KB 48ms
26ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name

Value

Content-Security-Policy

default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src blob: data: 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src data: storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;

Strict-Transport-Security

max-age=43200000; includeSubDomains;

Request headers

Referer: https://turkru.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-security-policy: default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src blob: data: 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src data: storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
content-type: text/html
date: Sun, 21 May 2023 15:17:08 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Tue, 20 May 2053 21:50:10 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 11F1 4 KB
1 KB 530ms
19ms Document
text/html 151.236.118.210
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8fa756dd-cdb1-538d-8ba4-eb77efcede83&CACHEBUSTER=12463
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=1253054506
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer: https://turkru.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 21 May 2023 15:17:09 GMT
etag: W/"638623e5-e7e"
last-modified: Tue, 29 Nov 2022 15:23:17 GMT
server: nginx
x-cdn-edge-cache: HIT
x-cdn-edge-id: 311
x-cdn-request-id: ed48e2df6ee0242db9820697e231cf27

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=8fa756dd-cdb1-538d-8ba4-eb77efcede83&ssp=between&expires=30&user_group=1&gdpr=&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf

68 B
598 B

100ms
99ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf
date: Sun, 21 May 2023 15:17:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eQyycnORXzn.AikABlGIPuLELg

68 B
598 B

100ms
99ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eQyycnORXzn.AikABlGIPuLELg
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
server: nginx
x-backend-id: f22-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eQyycnORXzn.AikABlGIPuLELg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1lckV5MTBaRTJ1RUNRdkZmaFBsSXJXVW1BNHE2RDQuRS5HTW1SY0EtfkE%3D&gdpr=0

68 B
598 B

99ms
99ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1lckV5MTBaRTJ1RUNRdkZmaFBsSXJXVW1BNHE2RDQuRS5HTW1SY0EtfkE%3D&gdpr=0
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1lckV5MTBaRTJ1RUNRdkZmaFBsSXJXVW1BNHE2RDQuRS5HTW1SY0EtfkE%3D&gdpr=0
date: Sun, 21 May 2023 15:17:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 btw
sync.dmp.otm-r.com/match/ 0
69 B 184ms
52ms Image
text/plain 194.55.244.181
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/btw?id=8fa756dd-cdb1-538d-8ba4-eb77efcede83
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.181 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 May 2023 15:17:08 GMT
server: nginx/1.23.2

GET
H2 200 587f7105-5f89-401e-ac6b-8ffee31c6b49.js Show response
storage.mds.yandex.net/get-bstor/9428387/ Frame 24F7 186 KB
53 KB 239ms
110ms Script
text/javascript 2a02:6b8::158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.mds.yandex.net/get-bstor/9428387/587f7105-5f89-401e-ac6b-8ffee31c6b49.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
last-modified: Wed, 17 May 2023 13:13:53 GMT
server: nginx
etag: W/"1e767c3fbb0689822847fa8fa74d78d7"
x-cache-status: hit
content-type: text/javascript
x-data-size: 190630
access-control-allow-origin: *
x-mds-request-id: 8f3dcb80d197dd46
cache-control: max-age=31536000, immutable
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 240x400.js Show response
storage.mds.yandex.net/get-canvas-html5/895207/191a09ea-678a-4083-9cae-a35f155f10cf/ Frame 24F7 233 KB
32 KB 303ms
174ms Script
text/plain 2a02:6b8::158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.mds.yandex.net/get-canvas-html5/895207/191a09ea-678a-4083-9cae-a35f155f10cf/240x400.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: c9295231053be2f03e47a98627b233e7459a04c9c186cf285a883f98590ba6bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: br
last-modified: Wed, 17 May 2023 13:14:13 GMT
server: nginx
etag: W/"cf988a07ac3ffd232a8d148d973ccffb"
x-cache-status: hit
content-type: text/plain
x-data-size: 238295
access-control-allow-origin: *
x-mds-request-id: 7959aff6727efb6f
cache-control: max-age=31536000, immutable
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 WT8ejI_zO2a1HGu0j1W00000dOwTAGK0AG8nz3LgP000000ut8c30c2C66W4W06UXvy8Y07CXkuMa06SvytDwO20W0AO0PpdpSrfi07u-DUo2BW1u9U1t2RO0VxpdBC1u06Yeh6o0Q02Yj6t4g0wY0MV3v05hX6m1V03k0Mr1C05_HF81Oe5u0M80VDDpPM_4ZGM0...
yandex.ru/an/tracking/ Frame D2A7 0
307 B 58ms
58ms Image
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/tracking/WT8ejI_zO2a1HGu0j1W00000dOwTAGK0AG8nz3LgP000000ut8c30c2C66W4W06UXvy8Y07CXkuMa06SvytDwO20W0AO0PpdpSrfi07u-DUo2BW1u9U1t2RO0VxpdBC1u06Yeh6o0Q02Yj6t4g0wY0MV3v05hX6m1V03k0Mr1C05_HF81Oe5u0M80VDDpPM_4ZGM0xJTr8dtgZick0UGCj02mf211kW91_09u0Fu2Q06W0e8Y0i8gWiG8LLM-xJT0005GSUbDVm50F0B1k0DWeA1WO20W0ZpcxMk-TU4cXQW3i24FQWFjBlpmldUwfqcW12LZy4fW1GWg1Ik4SWK1u2LemRW507O5fgZfxMiqzU0xW615vWNu8pECTWNm8Gzq1WX-1Z1YlRieu-y_6E06RWQ0O8S3L12GZfNMJPND6rEQJVf780TVw4T_OL5X5exvZ-e7GBG7ksgyEggs-gN8zWUguKVe1__z_Ofi1-30iWVtgsuPz8V1ZStCpKuDk0W0T0X_l__0TKY__z__u4ZYIEPcPcPcPdPFn80On3VHWm81y69GDYkCXQ1kAj_kjOkyx0ZRs3RmExsVivFKtc7N_8Gnd0qFRXi3316LCpLdJzQAMDH~1?action-id=11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Sun, 21 May 2023 15:17:08 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682228676268-10895262594050583306-balancer-l7leveler-kubr-yp-vla-162-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H2

200

879f36d606fbf3dff77588
an.yandex.ru/mapuid/arcspireis/ Frame D2A7
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/879f36d606fbf3dff77588

43 B
110 B

137ms
64ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/879f36d606fbf3dff77588

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/879f36d606fbf3dff77588
date: Sun, 21 May 2023 15:17:08 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

0100007FF4356A649F07590D0277EF13
an.yandex.ru/mapuid/sapeis/ Frame D2A7
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F%2524%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=2003420AF4356A64D2024C0102C4070B&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/0100007FF4356A649F07590D0277EF13

43 B
82 B

102ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FF4356A649F07590D0277EF13

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

Redirect headers

date: Sun, 21 May 2023 15:17:08 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/0100007FF4356A649F07590D0277EF13
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

8fa756dd-cdb1-538d-8ba4-eb77efcede83
an.yandex.ru/mapuid/betweendigitalis/ Frame D2A7
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/betweendigitalis/8fa756dd-cdb1-538d-8ba4-eb77efcede83

43 B
82 B

109ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/8fa756dd-cdb1-538d-8ba4-eb77efcede83

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/8fa756dd-cdb1-538d-8ba4-eb77efcede83
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame D2A7
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=C4D955C51FA0F24E
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=C4D955C51FA0F24E

42 B
942 B

33ms
33ms

Image
image/gif

34.243.85.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=C4D955C51FA0F24E

Protocol

HTTP/1.1

Server

34.243.85.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-85-78.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0873d5012.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: TqdwwUQ/SJs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v048-090260c2d.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: lwfgvFyuT24=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=C4D955C51FA0F24E
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame D2A7
Redirect Chain

https://yandex.ru/an/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=4111E57467FC0C46&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=4111E57467FC0C46&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

30ms
30ms

Image
image/gif

34.240.89.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=4111E57467FC0C46&publisher_dsp_id=429&publisher_call_type=redirect
Protocol: H2
Server: 34.240.89.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-89-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 May 2023 15:17:08 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=4111E57467FC0C46&publisher_dsp_id=429&publisher_call_type=redirect
access-control-allow-origin: *
date: Sun, 21 May 2023 15:17:08 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
yandex.ru/an/mapuid/behaviorx/ Frame D2A7 0
0 76ms
66ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/behaviorx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame D2A7
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=9239AA3A045D1B1

68 B
598 B

101ms
100ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=9239AA3A045D1B1
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Sun, 21 May 2023 15:17:08 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682228689528-3843587329661948261-balancer-l7leveler-kubr-yp-vla-162-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=9239AA3A045D1B1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame D2A7
Redirect Chain

https://yandex.ru/an/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=4B043772D68A06C0

0
241 B

299ms
94ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=4B043772D68A06C0
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Connection: close
Date: Sun, 21 May 2023 15:17:08 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Sun, 21 May 2023 15:17:08 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682228689769-2737105612316848113-balancer-l7leveler-kubr-yp-vla-162-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=4B043772D68A06C0
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H2 200 /
yandex.ru/an/mapuid/eplanningrtb/ Frame D2A7 0
0 77ms
66ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/eplanningrtb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D2A7
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

85ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Sun, 21 May 2023 15:17:08 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682228690324-5717836116080107312-balancer-l7leveler-kubr-yp-vla-162-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D2A7
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

84ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Sun, 21 May 2023 15:17:08 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682228690557-6688003401547944987-balancer-l7leveler-kubr-yp-vla-162-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D2A7
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
409 B

84ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Sun, 21 May 2023 15:17:08 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682228690779-5144981301527032129-balancer-l7leveler-kubr-yp-vla-162-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=99A348BC2E2C2AB3&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame D2A7
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=88A10D147D9AF9BE

35 B
466 B

67ms
23ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=88A10D147D9AF9BE
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Sun, 21 May 2023 15:17:08 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682228731289-5353292255696913062-balancer-l7leveler-kubr-yp-vla-162-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=88A10D147D9AF9BE
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H2

200

user-sync
rtb.programattik.com/ Frame D2A7
Redirect Chain

https://yandex.ru/an/mapuid/turktelekomrtb/
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=9DD15464C4FBA511

42 B
152 B

204ms
64ms

Image
image/gif

85.111.6.50
TTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=9DD15464C4FBA511
Protocol: H2
Server: 85.111.6.50 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
cache-control: no-store
server: nginx
age: 0
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Sun, 21 May 2023 15:17:08 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682228731625-17124717898154582612-balancer-l7leveler-kubr-yp-vla-162-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=9DD15464C4FBA511
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H/1.1

200
OK

user-sync
sync.adkernel.com/ Frame D2A7
Redirect Chain

https://yandex.ru/an/mapuid/xapadsssp/
https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=BB2CEE8D1146D8BA

42 B
228 B

53ms
18ms

Image
image/gif

77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=BB2CEE8D1146D8BA
Protocol: HTTP/1.1
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 15:17:08 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: close
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Sun, 21 May 2023 15:17:08 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682228731849-13865987200709393454-balancer-l7leveler-kubr-yp-vla-162-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=BB2CEE8D1146D8BA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H2

200

c3a835531f512a65e8dc39bb2f47d7d57ba2bedc7336f2963138e96010657f6f
an.yandex.ru/mapuid/mediascope/ Frame D2A7
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/c3a835531f512a65e8dc39bb2f47d7d57ba2bedc7336f2963138e96010657f6f

43 B
82 B

98ms
98ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/c3a835531f512a65e8dc39bb2f47d7d57ba2bedc7336f2963138e96010657f6f

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
server: ms-counter-4.0.4/1.22.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/c3a835531f512a65e8dc39bb2f47d7d57ba2bedc7336f2963138e96010657f6f
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame D2A7 0
278 B 177ms
54ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://yastatic.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 103
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame D2A7 0
238 B 177ms
54ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 104
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/119/i/ Frame D2A7
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1684682228
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1684682228817&i=1684682228

49 B
189 B

56ms
56ms

Image
image/gif

185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1684682228817&i=1684682228
Protocol: HTTP/1.1
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 15:17:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif

Redirect headers

Date: Sun, 21 May 2023 15:17:08 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1684682228817&i=1684682228
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
match.360yield.com/ Frame D2A7
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/6dd6971a-402d-422c-b633-0049a34bd7d9
https://match.360yield.com/match?external_user_id=6dd6971a-402d-422c-b633-0049a34bd7d9&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

32ms
30ms

Image
image/gif

34.240.89.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=6dd6971a-402d-422c-b633-0049a34bd7d9&publisher_dsp_id=429&publisher_call_type=redirect
Protocol: H2
Server: 34.240.89.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-89-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 May 2023 15:17:08 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=6dd6971a-402d-422c-b633-0049a34bd7d9&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H2

200

14250800-44de-4f5f-7a33-904751a7381b
an.yandex.ru/mapuid/buzzooladspis/ Frame D2A7
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/14250800-44de-4f5f-7a33-904751a7381b

43 B
82 B

180ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/14250800-44de-4f5f-7a33-904751a7381b

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/14250800-44de-4f5f-7a33-904751a7381b
date: Sun, 21 May 2023 15:17:08 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

ZGo19GD9tB8
an.yandex.ru/mapuid/soltadspis/ Frame D2A7
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://sp.ohmy.bid/cm?ssp=solta&redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fohmybid2%3Fu%3D%7Buid%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsoltadspis%252FZGo19GD9tB8%26...
https://kimberlite.io/rtb/sync/ohmybid2?u=dd796d5f-5e63-4ef0-8b89-8458424bbbeb&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZGo19GD9tB8&n=1
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=ubmg1-usq7Qa
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZGo19GD9tB8
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZGo19GD9tB8
https://tech.rtb.mts.ru/?dsp_uid=f717081e-0b3d-4352-9ac1-94ccf6c69bba&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=59&em=1&ssp=konnektu&id=
https://kimberlite.io/rtb/sync/mts?u=f717081e-0b3d-4352-9ac1-94ccf6c69bba
https://an.yandex.ru/mapuid/soltadspis/ZGo19GD9tB8

43 B
80 B

61ms
60ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/soltadspis/ZGo19GD9tB8

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:09 GMT

Redirect headers

Date: Sun, 21 May 2023 15:17:09 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/soltadspis/ZGo19GD9tB8
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=5;dur=0.0003
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/targetrtbis/ Frame D2A7
Redirect Chain

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/mapuid/targetrtbis/

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetrtbis/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

Redirect headers

Date: Sun, 21 May 2023 15:17:08 GMT
Server: nginx/1.22.1
Vary: Origin
Access-Control-Allow-Origin: *
Location: https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame D2A7 0
0

GET
H2

200

d7bf92e9-808d-208d-f435-6a64601d0100
an.yandex.ru/mapuid/hyperdspis/ Frame D2A7
Redirect Chain

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/&pupa=1
https://an.yandex.ru/mapuid/hyperdspis/d7bf92e9-808d-208d-f435-6a64601d0100

43 B
82 B

98ms
67ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/hyperdspis/d7bf92e9-808d-208d-f435-6a64601d0100

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/hyperdspis/d7bf92e9-808d-208d-f435-6a64601d0100
Access-Control-Allow-Origin: *
Date: Sun, 21 May 2023 15:17:08 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame D2A7
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
152 B

61ms
61ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:09 GMT

Redirect headers

date: Sun, 21 May 2023 15:17:08 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript
x-passed: 2bal2
content-length: 0

GET
H2

200

eQyycnORXzn.AikABlGIPuLELg
an.yandex.ru/mapuid/getintentis/ Frame D2A7
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://an.yandex.ru/mapuid/getintentis/eQyycnORXzn.AikABlGIPuLELg

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/eQyycnORXzn.AikABlGIPuLELg

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
server: nginx
x-backend-id: f22-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/eQyycnORXzn.AikABlGIPuLELg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

15YyZ7fMExyu
an.yandex.ru/mapuid/dmpweborama/h8moJq7qG/ Frame D2A7
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=291923643
https://an.yandex.ru/mapuid/dmpweborama/h8moJq7qG/15YyZ7fMExyu

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/h8moJq7qG/15YyZ7fMExyu

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
via: 1.1 google
last-modified: Sun, 21 May 2023 15:17:08 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/h8moJq7qG/15YyZ7fMExyu
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame D2A7 68 B
830 B 83ms
40ms Image
image/png 2606:4700:20::ac43:48bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Sun, 21 May 2023 15:17:08 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bdmq2qipDraKKMUQwmzHvihAOjjIEjIUs2lVwjfdHOhthrg15ErPhECWRlmmUClLbcHgJ4MOqZpEECg0ArJPFLhBKEmCg%2FZyLT1E6wWGs6NhtNYrcyL3QuW6bkDRVruB3sqJgev46Q0v485%2BcJYQP93AG86y"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 7cadc8dac93d1c05-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

IwF8gVE7htcmGP6LfRRZ
an.yandex.ru/mapuid/kadamis/ Frame D2A7
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/IwF8gVE7htcmGP6LfRRZ

43 B
80 B

60ms
60ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/IwF8gVE7htcmGP6LfRRZ

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:08 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/IwF8gVE7htcmGP6LfRRZ
date: Sun, 21 May 2023 15:17:08 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

f717081e-0b3d-4352-9ac1-94ccf6c69bba
an.yandex.ru/mapuid/mtsdspis/ Frame D2A7
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55
https://tech.rtb.mts.ru/?dsp_uid=f717081e-0b3d-4352-9ac1-94ccf6c69bba&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Ff717081e-0b3d-4352-9ac1-94ccf6c69bba
https://an.yandex.ru/mapuid/mtsdspis/f717081e-0b3d-4352-9ac1-94ccf6c69bba

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/f717081e-0b3d-4352-9ac1-94ccf6c69bba

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:09 GMT

Redirect headers

Date: Sun, 21 May 2023 15:17:09 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/f717081e-0b3d-4352-9ac1-94ccf6c69bba
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

ct_sync.php
sync.magnitent.com/fbfli/ Frame D2A7
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=ad0c7ab560f54226a83a5e78bd83f51f
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=DADD923691AE0D3A&sid=ad0c7ab560f54226a83a5e78bd83f51f
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=ad0c7ab560f54226a83a5e78bd83f51f&spid=DADD923691AE0D3A&v=
https://sync.magnitent.com/fbfli/ct_sync.php?ct=d7799b2e0ee149b0ac78f14c96d5e453&sonar=ad0c7ab560f54226a83a5e78bd83f51f&spid=DADD923691AE0D3A&v=

0
676 B

135ms
41ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.magnitent.com/fbfli/ct_sync.php?ct=d7799b2e0ee149b0ac78f14c96d5e453&sonar=ad0c7ab560f54226a83a5e78bd83f51f&spid=DADD923691AE0D3A&v=
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *, *
date: Sun, 21 May 2023 15:17:09 GMT
mode: no-cors, no-cors
cache-control: no-cache, no-cache
content-encoding: gzip
server: nginx/1.20.1
content-type: text/html; charset=UTF-8

Redirect headers

location: https://sync.magnitent.com/fbfli/ct_sync.php?ct=d7799b2e0ee149b0ac78f14c96d5e453&sonar=ad0c7ab560f54226a83a5e78bd83f51f&spid=DADD923691AE0D3A&v=
access-control-allow-origin: *
date: Sun, 21 May 2023 15:17:09 GMT
mode: no-cors
server: nginx/1.20.1
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame D2A7 42 B
201 B 323ms
66ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 15:17:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame D2A7 42 B
201 B 325ms
74ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 15:17:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame D2A7 43 B
390 B 79ms
18ms Image
image/gif 31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 21 May 2023 15:17:09 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame D2A7 0
68 B 52ms
52ms Image
text/plain 194.55.244.181
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.181 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 May 2023 15:17:08 GMT
server: nginx/1.23.2

GET
H2

200

NjcyMmEwMWYyN2UyNDU2ZQ
an.yandex.ru/mapuid/gonetisnew/ Frame D2A7
Redirect Chain

https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

43 B
80 B

61ms
60ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:09 GMT

Redirect headers

date: Sun, 21 May 2023 15:17:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

cc05bc02-5e7b-41da-8eef-ccac6fe978c0
an.yandex.ru/mapuid/upravelis/ Frame D2A7
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/cc05bc02-5e7b-41da-8eef-ccac6fe978c0

43 B
80 B

63ms
62ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/cc05bc02-5e7b-41da-8eef-ccac6fe978c0

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:09 GMT

Redirect headers

date: Sun, 21 May 2023 15:17:09 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/cc05bc02-5e7b-41da-8eef-ccac6fe978c0
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

Q6Y0V7hM8h1b2mKhg26RgQ
an.yandex.ru/mapuid/dmpaidatame/ Frame D2A7
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/Q6Y0V7hM8h1b2mKhg26RgQ?sign=1361673854

43 B
80 B

64ms
64ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/Q6Y0V7hM8h1b2mKhg26RgQ?sign=1361673854

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:09 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
last-modified: Sun, 21 May 2023 15:17:08 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/Q6Y0V7hM8h1b2mKhg26RgQ?sign=1361673854
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sun, 21 May 2023 15:17:08 GMT

GET
H2

200

RYubvVEqJBO9
an.yandex.ru/mapuid/dmpsegmento/ Frame D2A7
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/RYubvVEqJBO9?sign=1641384796

43 B
80 B

66ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/RYubvVEqJBO9?sign=1641384796

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:09 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/RYubvVEqJBO9?sign=1641384796
Date: Sun, 21 May 2023 15:17:09 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

ubmg1-usq7Qa
an.yandex.ru/mapuid/rutargetis/ Frame D2A7
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/ubmg1-usq7Qa

43 B
80 B

63ms
62ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/ubmg1-usq7Qa

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:09 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/ubmg1-usq7Qa
Date: Sun, 21 May 2023 15:17:09 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame D2A7 95 B
400 B 189ms
63ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 15:17:09 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0002
Content-Length: 95
Expires: Mon, 22 May 2023 15:17:09 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/2122350/
Redirect Chain

https://mc.yandex.ru/watch/2122350?wmode=7&page-url=https%3A%2F%2Fturkru.lol%2Fturk&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afu%3A0%3Aen...
https://mc.yandex.ru/watch/2122350/1?wmode=7&page-url=https%3A%2F%2Fturkru.lol%2Fturk&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afu%3A0%3A...

256 B
339 B

206ms
206ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/2122350/1?wmode=7&page-url=https%3A%2F%2Fturkru.lol%2Fturk&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A429005290875%3Ahid%3A257460379%3Az%3A0%3Ai%3A20230521151708%3Aet%3A1684682229%3Ac%3A1%3Arn%3A912849107%3Au%3A1684682229557803694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1684682226319%3Arqnl%3A1%3Ast%3A1684682229%3At%3ATurkRu%20%E2%80%93%20%D1%82%D1%83%D1%80%D0%B5%D1%86%D0%BA%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%202022%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5&t=clc%280-0-0%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

82ae7d29b4291230daa3e943fe9bd37b49de180c159c52486ac668417fabfa39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 21-May-2023 15:17:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://turkru.lol
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Sun, 21-May-2023 15:17:09 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 21-May-2023 15:17:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/2122350/1?wmode=7&page-url=https%3A%2F%2Fturkru.lol%2Fturk&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A429005290875%3Ahid%3A257460379%3Az%3A0%3Ai%3A20230521151708%3Aet%3A1684682229%3Ac%3A1%3Arn%3A912849107%3Au%3A1684682229557803694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1684682226319%3Arqnl%3A1%3Ast%3A1684682229%3At%3ATurkRu%20%E2%80%93%20%D1%82%D1%83%D1%80%D0%B5%D1%86%D0%BA%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%202022%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5&t=clc%280-0-0%29aw%281%29ti%282%29
access-control-allow-origin: https://turkru.lol
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 21-May-2023 15:17:09 GMT

GET
H2 200 240x400_atlas_P_.png
storage.mds.yandex.net/get-canvas-html5/895207/191a09ea-678a-4083-9cae-a35f155f10cf/ Frame 24F7 29 KB
30 KB 63ms
63ms Image
image/png 2a02:6b8::158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.mds.yandex.net/get-canvas-html5/895207/191a09ea-678a-4083-9cae-a35f155f10cf/240x400_atlas_P_.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: fd00a453d6d8e4c5920292b6ce549688b6a1b36022edc001591037ddad17fe99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
last-modified: Wed, 17 May 2023 13:14:13 GMT
server: nginx
etag: "4a4bd76ee184670eea0812af8653fc14"
x-cache-status: hit
content-type: image/png
x-data-size: 29930
access-control-allow-origin: *
x-mds-request-id: edb188ebf6c7f975
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
content-length: 29930

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 164 KB
58 KB 93ms
93ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: turkru.lol
URL: https://turkru.lol/templates/turokserv3/js/share.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1a688f34db585f469b29f57295dbef6c0af5c4d4726d8e028fd6706140ce086c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 18 May 2023 11:29:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6465e1e7-e52f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58671
expires: Sun, 21 May 2023 16:17:09 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 212 KB
73 KB 185ms
185ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: turkru.lol
URL: https://turkru.lol/turk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

05938c082120419e0764cd9a81aa929f400f1eda2e33e546c98d8b0bfc67189d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 18 May 2023 11:29:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6465e1e7-12275"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74357
expires: Sun, 21 May 2023 16:17:09 GMT

GET
H3

200

invisible.js Show response
turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/ Frame FA86
Redirect Chain

https://turkru.lol/cdn-cgi/challenge-platform/scripts/invisible.js
https://turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

23 KB
11 KB

25ms
24ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d0acec687d2a646dca8b7bd6a6f87786bc587fea2b6c9b41e88d095610a5097

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoGi4Z10sVCrSBv29UqRdguc%2FifFQ0K3D%2B%2BGGYV5y07%2FBO3yQhg1%2BbpNhYVM9dCXQOt%2F410Tl27qfeNCpM%2FPj9Zd48XNMPLoqS1RV%2B15dpnoTuTFRpCfujAKD1uc37IryvGSqBf7Qsap"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7cadc8dbc8089a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 21 May 2023 15:17:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POFvHOZ%2FuqtVv7nNrqfwX34%2FbEZBhzD4TJZg5vmWORt5OWXWHaZHVSDG88zeudHoun7DlGiUY6KKiy2wbmnqvU%2FD7HdVaMHwEr9UwHlgWbXhUD3O85L4tZ2xk68j3hMqQfWriKIfRPiJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
cache-control: max-age=300, public
cf-ray: 7cadc8db9fda9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 240x400_atlas_NP_.jpg
storage.mds.yandex.net/get-canvas-html5/895207/191a09ea-678a-4083-9cae-a35f155f10cf/ Frame 24F7 40 KB
41 KB 66ms
65ms Image
image/jpeg 2a02:6b8::158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.mds.yandex.net/get-canvas-html5/895207/191a09ea-678a-4083-9cae-a35f155f10cf/240x400_atlas_NP_.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 12e73de4b3f2f3a301634093a6ad1dc18585a1f7658a65779cdabe75d729df33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
last-modified: Wed, 17 May 2023 13:14:13 GMT
server: nginx
etag: "5ea9542705f0ca1c63f0c2ac8a368c7b"
x-cache-status: hit
content-type: image/jpeg
x-data-size: 41235
access-control-allow-origin: *
x-mds-request-id: d8d350b764639d7
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
content-length: 41235

GET
H3 200 pica.js
turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/ Frame FA86 6 KB
3 KB 24ms
24ms Other
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://turkru.lol/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d22d811134b9272daa926867c09a51f59e627a89cba87f60b7699f7e7fc896

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2F8p3yoc3rL7iwx4HLCX4cDgBJjkXZMXAs6CX9wv2nMF1ZK2pfPQhHdhhqEtE461iMDmchsZOJn0rGny7o2veVrqrRrSsEnCAS3MvUdSD0yy3wt0gFjg4QDKgW9bKbpwLSL%2F9Ak8nLad"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7cadc8dc08499a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

match
ads.betweendigital.com/ Frame 11F1
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=05a4d2ac-9314-4b72-8864-cb742c682ddf
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=05a4d2ac-9314-4b72-8864-cb742c682ddf
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=36ef74b1-3837-46a2-b150-3f836ae7edf2&user_group=1&ssp=between&bsw_param=05a4d2ac-9314-4b72-8864-cb742c682ddf
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf

68 B
598 B

104ms
101ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf
date: Sun, 21 May 2023 15:17:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

POST
H3 200 7cadc8cb782c9273 Show response
turkru.lol/cdn-cgi/challenge-platform/h/g/cv/result/ Frame FA86 2 B
626 B 45ms
42ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turkru.lol/cdn-cgi/challenge-platform/h/g/cv/result/7cadc8cb782c9273
Requested by: Host: turkru.lol
URL: https://turkru.lol/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HGRcLtnu8TL%2BUFlgRzjAoQiGYNxNybFY838buf7QIrFqCakhJFrfCeeCzrlr8JQ13gJfcpzxx5fk6t5HAKnDCSiot0maNWg9UQh7U%2Fb%2FMNXMm2BVaufQ6jtrMbYMuxHbKTihcS3NYpF"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cadc8dd99ea9a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 26812653 Show response
mc.yandex.ru/watch/ 427 B
463 B 68ms
68ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fturkru.lol%2Fturk&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%222.2.4%22%2C%22shareVersion%22%3A2%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afp%3A679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A2%3Adp%3A1%3Als%3A259303315393%3Ahid%3A257460379%3Az%3A0%3Ai%3A20230521151709%3Aet%3A1684682229%3Ac%3A1%3Arn%3A64677008%3Arqn%3A1%3Au%3A1684682229557803694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C128%2C1%2C149%2C%2C1%2C1225%2C10%2C1519%2C1519%2C0%2C1508%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1684682226319%3Arqnl%3A1%3Ast%3A1684682229%3At%3ATurkRu%20%E2%80%93%20%D1%82%D1%83%D1%80%D0%B5%D1%86%D0%BA%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%202022%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)lt(33600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

be3c873ce6fed27cd2b5fb72519cf069999f18acbbaa79b58c735676de362b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 21-May-2023 15:17:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://turkru.lol
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Sun, 21-May-2023 15:17:09 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/2122350/ 43 B
74 B 67ms
66ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/2122350/1?page-url=https%3A%2F%2Fturkru.lol%2Fturk&charset=utf-8&cnt-class=1&hittoken=1684682229_1e795fbdb2023b2a1a48e4ec68d3df15b23e30906ee6e05907f3726da325d086&browser-info=pa%3A1%3Aar%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afp%3A679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A1%3Als%3A429005290875%3Ahid%3A257460379%3Az%3A0%3Ai%3A20230521151709%3Aet%3A1684682229%3Ac%3A1%3Arn%3A380965741%3Arqn%3A1%3Au%3A1684682229557803694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C128%2C1%2C149%2C%2C1%2C1225%2C10%2C1519%2C1519%2C0%2C1508%3Aco%3A0%3Acpf%3A1%3Ans%3A1684682226319%3Arqnl%3A1%3Ast%3A1684682229&t=mc(p-1-h-1)clc(0-0-0)rqnt(1)lt(33600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://turkru.lol/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 21-May-2023 15:17:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://turkru.lol
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 21-May-2023 15:17:09 GMT

GET
H2 200 2122350 Show response
mc.yandex.ru/watch/ 43 B
74 B 67ms
67ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/2122350?page-url=https%3A%2F%2Fturkru.lol%2Fturk&charset=utf-8&cnt-class=1&hittoken=1684682229_1e795fbdb2023b2a1a48e4ec68d3df15b23e30906ee6e05907f3726da325d086&browser-info=pv%3A1%3Aar%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A1%3Als%3A429005290875%3Ahid%3A257460379%3Az%3A0%3Ai%3A20230521151709%3Aet%3A1684682229%3Ac%3A1%3Arn%3A1057961639%3Arqn%3A2%3Au%3A1684682229557803694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1684682226319%3Arqnl%3A1%3Ast%3A1684682229%3At%3ATurkRu%20%E2%80%93%20%D1%82%D1%83%D1%80%D0%B5%D1%86%D0%BA%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%202022%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5&t=mc(p-1-h-1)clc(0-0-0)rqnt(2)lt(33600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 21-May-2023 15:17:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://turkru.lol
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 21-May-2023 15:17:09 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
113 B 63ms
63ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 May 2023 11:29:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6465e1e7-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 21 May 2023 16:17:09 GMT

GET
H2 200 86315266 Show response
mc.yandex.ru/watch/ 420 B
455 B 64ms
63ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/86315266?wmode=7&page-url=https%3A%2F%2Fturkru.lol%2Fturk&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afp%3A679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A3%3Adp%3A0%3Als%3A1003038217845%3Ahid%3A257460379%3Az%3A0%3Ai%3A20230521151709%3Aet%3A1684682229%3Ac%3A1%3Arn%3A292162456%3Arqn%3A1%3Au%3A1684682229557803694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C128%2C1%2C149%2C%2C1%2C1225%2C10%2C1519%2C1519%2C0%2C1508%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1684682226319%3Arqnl%3A1%3Ast%3A1684682229%3At%3ATurkRu%20%E2%80%93%20%D1%82%D1%83%D1%80%D0%B5%D1%86%D0%BA%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%202022%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(33600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

31f91a2f24b0a71605d84ec51616bd508db35dbfb52463591bd9d58e5b94bb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://turkru.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 21-May-2023 15:17:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://turkru.lol
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Sun, 21-May-2023 15:17:09 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/26812653/ 43 B
74 B 64ms
63ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653/1?page-url=https%3A%2F%2Fturkru.lol%2Fturk&charset=utf-8&hittoken=1684682229_1517c2d4f785cf2905faffaa796624b5669018ba8c8fe6f3393fcfbe995a0cc8&browser-info=pa%3A1%3Aar%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A2%3Adp%3A1%3Als%3A259303315393%3Ahid%3A257460379%3Az%3A0%3Ai%3A20230521151709%3Aet%3A1684682229%3Ac%3A1%3Arn%3A520736322%3Arqn%3A2%3Au%3A1684682229557803694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1684682226319%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684682229&t=gdpr(14)mc(p-3-h-1)clc(0-0-0)rqnt(2)lt(33600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://turkru.lol/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 21-May-2023 15:17:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://turkru.lol
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 21-May-2023 15:17:09 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/86315266/ 43 B
74 B 60ms
60ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/86315266/1?page-url=https%3A%2F%2Fturkru.lol%2Fturk&charset=utf-8&hittoken=1684682229_63c2807c88aa3ed08dbf01b6502b66f563d7b11d9671b3efeb8093722fb4b64a&browser-info=pa%3A1%3Aar%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A3%3Adp%3A0%3Als%3A1003038217845%3Ahid%3A257460379%3Az%3A0%3Ai%3A20230521151709%3Aet%3A1684682229%3Ac%3A1%3Arn%3A110206947%3Arqn%3A2%3Au%3A1684682229557803694%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1684682226319%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684682229&t=gdpr(14)mc(p-3-h-1)clc(0-0-0)rqnt(2)lt(33600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://turkru.lol/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 21-May-2023 15:17:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://turkru.lol
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 21-May-2023 15:17:09 GMT

GET
H2

200

8e0a8718-f7ea-11ed-a1c4-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame 11F1
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync.bumlam.com/?src=aid0&s_data=CAIQARj166ijBqIBEI4Khxj36hHtocQAJZDIJDc*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=8e0a8718-f7ea-11ed-a1c4-002590c82437
https://sync.bumlam.com/?src=aid1&uid=Q6Y0V7hM8h1b2mKhg26RgQ&
https://an.yandex.ru/mapuid/adsniperis/8e0a8718-f7ea-11ed-a1c4-002590c82437

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/8e0a8718-f7ea-11ed-a1c4-002590c82437

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 21 May 2023 15:17:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 May 2023 15:17:09 GMT

Redirect headers

Date: Sun, 21 May 2023 15:17:09 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://an.yandex.ru/mapuid/adsniperis/8e0a8718-f7ea-11ed-a1c4-002590c82437
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 6FE1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
401 B

29ms
21ms

Document
text/html

23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8fa756dd-cdb1-538d-8ba4-eb77efcede83&CACHEBUSTER=12463
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Sun, 21 May 2023 15:17:09 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 21 May 2023 15:17:09 GMT
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server: AkamaiGHost

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 6FE1 34 KB
10 KB 61ms
61ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fbd313762cb3406cf59cfd0cb482fccf9b76f79ccbb80caf324ce80cf465eb8f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:09 GMT
content-encoding: gzip
last-modified: Sun, 21 May 2023 04:27:12 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=47428
content-length: 10085
expires: Mon, 22 May 2023 04:27:37 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6FE1 284 B
536 B 125ms
21ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 12463
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 11F1 43 B
414 B 59ms
52ms Image
image/gif 2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/12463

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),

Reverse DNS

Software

ms-counter-4.0.4/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
strict-transport-security: max-age=2678400
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

match
s.pubmine.com/ Frame 11F1
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=8fa756dd-cdb1-538d-8ba4-eb77efcede83&expires=60
https://s.pubmine.com/match?bidder_id=1&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf&ssp_data=&gdpr=&gdpr_consent=

43 B
286 B

413ms
29ms

Image
image/gif

99.80.114.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=1&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf&ssp_data=&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Server: 99.80.114.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-114-174.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 15:17:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

location: //s.pubmine.com/match?bidder_id=1&external_user_id=05a4d2ac-9314-4b72-8864-cb742c682ddf&ssp_data=&gdpr=&gdpr_consent=
date: Sun, 21 May 2023 15:17:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame D2A7 105 KB
37 KB 16ms
16ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: turkru.lol
URL: https://turkru.lol/turk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:10 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 2732844ac7fc8ed7
timing-allow-origin: *
expires: Wed, 24 May 2023 03:15:25 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 4EF2 0
0 73ms
22ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8fa756dd-cdb1-538d-8ba4-eb77efcede83&CACHEBUSTER=12463

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame D2A7 164 KB
58 KB 120ms
119ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a897250f8668473152c718ddcbdcf0cd86f586ec97d5e8acc2d6565ae538804d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 18 May 2023 11:29:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6465e1e7-e569"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58729
expires: Sun, 21 May 2023 16:17:10 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame D2A7 403 B
759 B 77ms
77ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fturkru.lol%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2f09539e00b1c33ea333f130cbc0c05461c110136ba6f3a40ed670a5cff52c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1684682230645972-15334452689773372584-balancer-l7leveler-kubr-yp-vla-162-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame D2A7 44 KB
16 KB 124ms
62ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

d1d4b13b6b62293eee3575a6c1d35231930ced05389a35a4b3927cd044d772c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16317
x-xss-protection: 0
server: cafe
etag: 17608669495769964972
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 15:17:10 GMT

GET
H2

200

/
www.google.nl/pagead/1p-user-list/1014923426/ Frame D2A7
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9jVqZOyeL5KmxwL0lo2QDQ...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=132078154&crd=&is_vtc=1&random=2876207738
https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=132078154&crd=&is_vtc=1&random=2876207738&ipr=y

42 B
108 B

31ms
30ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=132078154&crd=&is_vtc=1&random=2876207738&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=132078154&crd=&is_vtc=1&random=2876207738&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.nl/pagead/1p-user-list/1014923426/ Frame D2A7
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9jVqZK-iL8yk1gb3k6XADA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=714622180&crd=&is_vtc=1&random=2287416560
https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=714622180&crd=&is_vtc=1&random=2287416560&ipr=y

42 B
108 B

30ms
30ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=714622180&crd=&is_vtc=1&random=2287416560&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=714622180&crd=&is_vtc=1&random=2287416560&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.ru/watch/ Frame D2A7 256 B
352 B 61ms
61ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fturkru.lol%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqx0f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A886800240239%3Ahid%3A179269793%3Az%3A0%3Ai%3A20230521151710%3Aet%3A1684682231%3Ac%3A1%3Arn%3A467993289%3Arqn%3A1%3Au%3A1684682231803225013%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C26%2C14%2C1%2C0%2C0%2C%2C22%2C0%2C64%2C64%2C0%2C64%3Aco%3A0%3Acpf%3A1%3Ans%3A1684682228579%3Ast%3A1684682231&t=clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7a20062ccb79ee5a9919219479c4f6e6c073292e3302ddc1131b71db460f362f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 21-May-2023 15:17:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Sun, 21-May-2023 15:17:10 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame D2A7 43 B
73 B 61ms
61ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:17:10 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 May 2023 11:29:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6465e1e7-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 21 May 2023 16:17:10 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame D2A7 3 KB
2 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1684682230837&cv=9&fst=1684682230837&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21dc3de1d9135677e53c61aaffe45b7bd3191c429614720bbca99b86bdaedc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1370
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame D2A7 3 KB
2 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1684682230840&cv=9&fst=1684682230840&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99878813ef27d7f81adacd738cba9f79cd345fe227da888e9c94c2829cc95ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame D2A7 3 KB
2 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1684682230847&cv=9&fst=1684682230847&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

215705199ae48257df5c07c85aa2bcfcb37a7ea3462c160a17c08c0cd5a4bfc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame D2A7 3 KB
2 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1684682230848&cv=9&fst=1684682230848&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffaadd420e3b7b6c745a174f905feadf98976c8330dd3ae1f9e327b1a113c98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame D2A7 42 B
108 B 78ms
32ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1684682230837&cv=9&fst=1684681200000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&async=1&fmt=3&is_vtc=1&random=3678860537&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/947884341/ Frame D2A7 42 B
108 B 83ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/947884341/?random=1684682230837&cv=9&fst=1684681200000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&async=1&fmt=3&is_vtc=1&random=3678860537&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame D2A7 42 B
108 B 75ms
33ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1684682230840&cv=9&fst=1684681200000&num=1&guid=ON&eid=466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&async=1&fmt=3&is_vtc=1&random=278669094&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/693627671/ Frame D2A7 42 B
108 B 81ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/693627671/?random=1684682230840&cv=9&fst=1684681200000&num=1&guid=ON&eid=466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&async=1&fmt=3&is_vtc=1&random=278669094&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame D2A7 42 B
108 B 73ms
32ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1684682230847&cv=9&fst=1684681200000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&async=1&fmt=3&is_vtc=1&random=2126398915&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/947884341/ Frame D2A7 42 B
455 B 78ms
31ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/947884341/?random=1684682230847&cv=9&fst=1684681200000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&async=1&fmt=3&is_vtc=1&random=2126398915&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame D2A7 42 B
108 B 65ms
33ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1684682230848&cv=9&fst=1684681200000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&async=1&fmt=3&is_vtc=1&random=2127957503&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/693627671/ Frame D2A7 42 B
108 B 30ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/693627671/?random=1684682230848&cv=9&fst=1684681200000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fturkru.lol%2F&async=1&fmt=3&is_vtc=1&random=2127957503&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.ru/watch/ Frame D2A7 439 B
547 B 64ms
63ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fturkru.lol%2F&charset=utf-8&site-info=%7B%22b%22%3A%22%22%2C%22browser%22%3A%22chrome%22%2C%22extensions%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22fromCancel%22%3A%22false%22%2C%22fromGoogle%22%3A%22false%22%2C%22infected%22%3A%22%22%2C%22loyal%22%3A%220%22%2C%22old%22%3A%22actual%22%2C%22os%22%3A%22windows%22%2C%22p%22%3A%22%22%2C%22sbscrb%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22winxp%22%3A%22false%22%2C%22yabroAge%22%3Anull%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqx0f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A2%3Adp%3A1%3Als%3A1298073237042%3Ahid%3A179269793%3Aphid%3A257460379%3Az%3A0%3Ai%3A20230521151711%3Aet%3A1684682231%3Ac%3A1%3Arn%3A516403771%3Arqn%3A1%3Au%3A1684682231803225013%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C26%2C14%2C1%2C0%2C0%2C%2C22%2C0%2C64%2C64%2C0%2C64%3Aco%3A0%3Acpf%3A1%3Ans%3A1684682228579%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684682231%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)lt(20300)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5423c9f6cf3737cfcc468d990e5a3e6aa551c8f43d7a5e891a2fbf2d14e11f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 15:17:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 21-May-2023 15:17:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Sun, 21-May-2023 15:17:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssp.bidvol.com
URL: https://ssp.bidvol.com/rtb/pl999

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 12:06:40	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 11:59:28	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 11:59:28	Name: pcs3 Value: 1
kimberlite.io/rtb/sync	1970-01-20 11:58:02	Name: f Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZGo19GD9tB8
kimberlite.io/rtb/sync	1970-01-20 11:58:02	Name: n Value: 3
.dmg.digitaltarget.ru/1/119/i	1970-01-20 21:34:02	Name: viuserid Value: yzeyknR-qyIksrv7sXw4
turkru.lol/	1969-12-31 23:59:59	Name: PHPSESSID Value: 47nf72p0rft7ngf1c97it9v92k
.yandex.ru/	1970-01-20 21:34:02	Name: i Value: J7x+SZwx7Ti1bJsJpuoucrENjvQLmrAWFNyzPH4A1fdijakfihKFTwJgxHPxTnAsl4r1JLC1j+Pn4e2W1jknKfDDZ9A=
.yandex.ru/	1970-01-20 20:43:38	Name: yandexuid Value: 1599924381684682227
.exchange.buzzoola.com/	1970-01-20 12:41:14	Name: uuid Value: 14250800-44de-4f5f-7a33-904751a7381b
.exchange.buzzoola.com/	1970-01-20 11:58:45	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.ssp-rtb.sape.ru/	1970-01-20 21:34:02	Name: sspuid Value: CkIDIGRqNfQBTALSCwfEAt9Smht6jmwNEVZ2Hz2S8KpuljPt
.otm-r.com/	1970-01-20 20:43:38	Name: mpid Value: NjQ2YTM1ZjQwNTZiMGRlMA==
.acint.net/	1970-01-20 11:58:02	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 21:34:02	Name: aid Value: fwAAAWRqNfQNWQefE+93AoLjRatCk71i8/D/A99BI52wHvml
.betweendigital.com/	1970-01-20 20:43:38	Name: dc Value: was1
.betweendigital.com/	1970-01-20 20:43:38	Name: ss Value: 1
.betweendigital.com/	1970-01-20 20:43:38	Name: tuuid Value: 8fa756dd-cdb1-538d-8ba4-eb77efcede83
.betweendigital.com/	1970-01-20 20:43:38	Name: unm Value: 1
.bidswitch.net/	1970-01-20 20:43:38	Name: c Value: 1684682228
.bidswitch.net/	1970-01-20 20:43:38	Name: tuuid_lu Value: 1684682228
.bidswitch.net/	1970-01-20 20:43:38	Name: tuuid Value: 05a4d2ac-9314-4b72-8864-cb742c682ddf
.acint.net/	1970-01-20 12:41:14	Name: cSyncDp14v3 Value: 1684682228
.yahoo.com/	1970-01-20 20:43:59	Name: A3 Value: d=AQABBPQ1amQCEIcHT6SNwas0uKnwXTDt3YMFEgEBAQGHa2R0ZO2LzSMA_eMAAA&S=AQAAAo9ABuE2jVgPsRFxQazBvzw
.analytics.yahoo.com/	1970-01-20 20:43:38	Name: IDSYNC Value: 199l~2brr
px.arcspire.io/	1970-01-20 12:41:14	Name: arcid Value: 879f36d606fbf3dff77588
.360yield.com/	1970-01-20 14:07:38	Name: tuuid_lu Value: 1684682228
.yadro.ru/	1970-01-20 20:42:32	Name: FTID Value: 1aQZNq3pNj8Z1aQZNq001N-U
.360yield.com/	1970-01-20 14:07:38	Name: tuuid Value: 99354221-effb-453b-a08f-cb87365ea9bb
.adhigh.net/	1970-01-20 20:43:38	Name: gi_u Value: eQyycnORXzn.AikABlGIPuLELg
.tns-counter.ru/	1970-01-20 20:43:38	Name: guid Value: EF63683B646A35F4X1684682228
.yadro.ru/	1970-01-20 20:42:32	Name: VID Value: 0a4ZZ32Tqx8Z1aQZNq0010pb
.adx.opera.com/	1970-01-20 20:43:38	Name: UID Value: OPU94e1fe8aec8044538d07debd6727573a
kimberlite.io/	1970-01-20 14:07:38	Name: u Value: ZGo19GD9tB8~AASiUt6uWlSaWgLIJjxXNaJ8y74
.adhigh.net/	1970-01-20 20:43:38	Name: btw_sync Value: LKQe
.yandex.ru/	1970-01-20 20:43:38	Name: yuidss Value: 1599924381684682227
.demdex.net/	1970-01-20 16:17:14	Name: demdex Value: 38077183497019258830945478790754481262
.adhigh.net/	1970-01-20 20:43:38	Name: yandexssp_sync Value: LKQe
.weborama.fr/	1970-01-20 21:23:57	Name: AFFICHE_W Value: fDj7HqLLDD1814
.uuidksinc.net/	1970-01-20 20:43:38	Name: jcsuuid Value: IwF8gVE7htcmGP6LfRRZ
.ohmy.bid/	1970-01-20 12:41:14	Name: uid Value: dd796d5f-5e63-4ef0-8b89-8458424bbbeb.646a35f4.57906c8171e4e497
.dpm.demdex.net/	1970-01-20 16:17:14	Name: dpm Value: 38077183497019258830945478790754481262
.sonar.semantiqo.com/	1970-01-20 21:34:02	Name: semantiqo_a Value: ad0c7ab560f54226a83a5e78bd83f51f
.sonar.semantiqo.com/	1970-01-20 20:53:43	Name: check Value: 99a5ea6b6090456d890d4d24d366f86c
.mts.ru/	1970-01-20 20:30:40	Name: dspid Value: f717081e-0b3d-4352-9ac1-94ccf6c69bba
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2295776441684682229
.yandex.ru/	1970-01-20 20:43:38	Name: ymex Value: 1716218229.yrts.1684682229
.yandex.ru/	1970-01-20 20:43:38	Name: bh Value: KgI/MA==
.upravel.com/	1970-01-20 11:58:02	Name: session_tptc Value: 1684682229074
.upravel.com/	1970-01-20 21:34:02	Name: user_id Value: cc05bc02-5e7b-41da-8eef-ccac6fe978c0
.gonet-ads.com/	1970-01-20 20:45:04	Name: pid Value: NjcyMmEwMWYyN2UyNDU2ZQ
.aidata.io/	1970-01-20 21:34:02	Name: __upin Value: Q6Y0V7hM8h1b2mKhg26RgQ
.aidata.io/	1970-01-20 21:34:02	Name: __upints Value: 1684682229
.caltat.com/	1970-01-20 21:34:02	Name: caltat Value: d7799b2e0ee149b0ac78f14c96d5e453
.rutarget.ru/	1970-01-20 16:17:14	Name: userId Value: ubmg1-usq7Qa
.turkru.lol/	1970-01-20 20:43:38	Name: _ym_uid Value: 1684682229557803694
.turkru.lol/	1970-01-20 20:43:38	Name: _ym_d Value: 1684682229
pool.admedo.com/	1970-01-20 20:43:38	Name: tuuid Value: 36ef74b1-3837-46a2-b150-3f836ae7edf2
pool.admedo.com/	1970-01-20 20:43:38	Name: c Value: 1684682229
pool.admedo.com/	1970-01-20 20:43:38	Name: tuuid_lu Value: 1684682229
.turkru.lol/	1970-01-20 11:58:04	Name: __cf_bm Value: 98Ianh_6iu4kJUF7JjEwcHByUBeRvS8BMQWRL_iPAbM-1684682229-0-AYFlxHacOYMVNprkNZuPt6OQ0cRYCFHOhgQZQOs1aU1XSNzxanL0aw9plJP3rkqJbbj56o/A3Z7bXbi+dA1eLSIKxMov4TZXSmP7k3NlaXji
x01.aidata.io/	1970-01-20 12:08:07	Name: yaya Value: 1
.turkru.lol/	1970-01-20 11:59:14	Name: _ym_isad Value: 2
.mts.ru/	1970-01-20 21:34:02	Name: mts_id_last_sync Value: 1684682229
.magnitent.com/	1970-01-20 21:34:02	Name: sonar Value: ad0c7ab560f54226a83a5e78bd83f51f
.magnitent.com/	1970-01-20 21:34:02	Name: ct Value: d7799b2e0ee149b0ac78f14c96d5e453
.magnitent.com/	1970-01-20 21:34:02	Name: spid Value: DADD923691AE0D3A
.magnitent.com/	1970-01-20 12:42:40	Name: 3db Value: DADD923691AE0D3A
.mts.ru/	1970-01-20 21:34:02	Name: mts_id Value: a67025e5-bac5-4192-b87f-62c8e91562d0
.betweendigital.com/	1970-01-20 20:43:38	Name: ut Value: ZGo19QAH9xB_r-C0b3Erz1y_jq7EEpqZJnMR3A==
.bumlam.com/	1970-01-20 21:34:02	Name: suuid3 Value: IiQ4ZTBhODcxOC1mN2VhLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
.yandex.ru/	1970-01-20 21:34:02	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 21:34:02	Name: is_gdpr_b Value: CI3/eBDSuAEYAQ==
.doubleclick.net/	1970-01-20 11:58:03	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acint.net
ads.betweendigital.com
an.yandex.ru
cache.betweendigital.com
cdn.adfinity.pro
cdn3.caltat.com
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
eus.rubiconproject.com
euw-ice.360yield.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbe199.hybrid.ai
im.bluevoox.com
kimberlite.io
match.360yield.com
match.new-programmatic.com
matchid.adfox.yandex.ru
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nr.bidderstack.com
onetag-sys.com
pb.adriver.ru
pixel.konnektu.ru
pool.admedo.com
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
rtb.programattik.com
s.pubmine.com
s.uuidksinc.net
secure-assets.rubiconproject.com
sm.rtb.mts.ru
solta-sync.rutarget.ru
sonar.semantiqo.com
sp.ohmy.bid
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bidvol.com
storage.mds.yandex.net
sync.adkernel.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.gonet-ads.com
sync.magnitent.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
token.rubiconproject.com
turkru.lol
ups.analytics.yahoo.com
www.google.com
www.google.nl
www.googleadservices.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
yhb.p.otm-r.com
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
ssp.bidvol.com
130.193.58.13
142.250.186.66
148.251.156.238
151.236.118.210
167.235.14.51
167.235.177.244
172.217.18.2
18.158.0.92
185.15.175.132
188.42.105.236
188.72.107.194
188.72.107.228
193.3.184.214
194.190.76.44
194.55.244.181
194.55.244.184
195.209.111.22
2001:6d0:4001::226
213.87.44.187
217.65.2.150
217.66.147.42
23.201.255.110
23.88.12.13
2606:4700:20::ac43:48bf
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:831::200a
2a02:6b8:20::215
2a02:6b8::158
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a06:98c1:3121::3
2a11:27c0::93
3.71.149.231
31.172.81.172
31.220.27.155
34.240.89.45
34.243.85.78
35.177.4.157
35.190.24.218
35.210.53.219
37.18.16.22
37.18.16.6
45.9.26.83
51.89.9.252
52.45.175.185
69.173.144.165
77.245.57.72
81.222.128.216
82.145.213.8
85.111.6.50
88.198.16.238
88.212.201.198
89.108.108.11
89.108.119.28
91.192.148.30
95.217.109.66
96.46.183.20
99.80.114.174
022471387b2a5bb26e0ab555cfd9d6d2d07018e3719fb5ca94e59e0f3f76b62d
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
04cb71d9e236a499a24e103f9fde96ddc163303263fb4c9444c878cc94ce477f
05938c082120419e0764cd9a81aa929f400f1eda2e33e546c98d8b0bfc67189d
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
07c7e597a59a84708f75391012951dee90f83452889c54e6ccbe47ccfc7ad3a4
087eeb6e7db9bbb5ca362b363a45204e915d3683a6ced5849cd88f3fede9450f
0adc888ae38f8470a39c737ec1680b014c238e605622d09d2e0e24ce0dfe794f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0daf4dbd4ac6adab8c00c6cc384b69c6a7de3ffd9b8de02a52af14f33c261142
0e3440b942bff8ec5acd0ecc6692a59855e3e51a2a34be2b6df59e6a8aec4e49
10bd73a817c1fef28c5c838ebe72787de5f991a7059ab940566bef8ed0689644
11dd06fece5523f80a795c4a5fb5fa666773d99a78b01dc010b1da6edca7808d
12e73de4b3f2f3a301634093a6ad1dc18585a1f7658a65779cdabe75d729df33
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1a688f34db585f469b29f57295dbef6c0af5c4d4726d8e028fd6706140ce086c
1a9dcd56f666978ededc9e96196dbfe8d0763e487f87a8290ae92951bfb29571
215705199ae48257df5c07c85aa2bcfcb37a7ea3462c160a17c08c0cd5a4bfc7
260192e89e077da22874c5bf5fbbea3f56ea1e60326344de7daac51e30371984
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26fc047e00a872223bef48b57210bd28631ba1ae236d39aa1396c9b500e6e3fb
27d7e2287ad69345b444dd8a3061d25d97fd58b1c9c0fc5e8baf3e4b9f0f70ed
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e545c30b6faca9e196b9f01beb30efbe95ebfe02b0cb8bda1bab30910fb5d11
2f09539e00b1c33ea333f130cbc0c05461c110136ba6f3a40ed670a5cff52c6b
30f17fdecea05c16ec978c460f68fed81cf42b36f666aee1e927d75d6bc7e383
31f14f66e2bcdc5ba06f6c0512afd40d3f79fcaf743f51f7839e00beca2b84ba
31f91a2f24b0a71605d84ec51616bd508db35dbfb52463591bd9d58e5b94bb86
33557640def8bb692ed385b23b4ff2c69afb4a83ce5d16d66ccdab77892b16b9
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3b5b800f383d24890221226c82d966eb345e02e1e0ab7bda43b2fbe0bcae4022
3b5be45a060c3eca9cb98b8690d182f8de1ec6a6e88fcf016d12c4615db36af6
3d596a526676516ea65d34705e0f55e5c6f1bad98c6bd6ef30dfd52468d8e8f0
3d7b0970869968b7e676c9cd1bff0a3e3300f77a0513e8ef5f61c2ade78d3e8d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4cbd2c67b9ecc1725046ecb3b439b729031c3f550ea511f79c45b76118f41a97
4d0acec687d2a646dca8b7bd6a6f87786bc587fea2b6c9b41e88d095610a5097
508960432accf3edc40727ba992dd774a9c431e42029f20443d96ff74f698af1
5253255b999ae4cf9c71faf127eb482bbe5d827cd0cb7128093e4b9da6f3cbb6
5423c9f6cf3737cfcc468d990e5a3e6aa551c8f43d7a5e891a2fbf2d14e11f7d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561b6b210e72096bbbed249750b35f1eda17497872c151906d77b659f4f8648d
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
6090619497acb4b9d07b2fd4ff972891f45f8f73bf5fe5774d8827fbe53a4744
61d22d811134b9272daa926867c09a51f59e627a89cba87f60b7699f7e7fc896
626aea4800393b27454696749a7ee9d325a66a4c3435b0a37210adca6172260c
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
669ad8e27574eb5e9fcf9af7c0e103081d7e5be1ac28cd7c3d110591a8dfab88
6a0e2414f257039e674979ef297cebd0ddabe4f162a15fbc79ac787245bd5504
6cdceb438e41ee07d58b7214785e14651205d8cc4b158a9a3ab988515f66c1cc
6e42419b020fdc1dbba05b9e95042f08ea74578a1a7c9b167ac9431aaa90b82e
747cac8d8f9d1725849aa8741089a4c58bafddc8619c80a9341894af23f7bbad
7a20062ccb79ee5a9919219479c4f6e6c073292e3302ddc1131b71db460f362f
7d2c2269798566fb6257f377fba8034430bbb8c2a9a3264cb14732d75b42c70d
82ae7d29b4291230daa3e943fe9bd37b49de180c159c52486ac668417fabfa39
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8757d4316ee181c5609654bec7d8dfd07b54f32003cdd878a0a0a8d3beb09cd4
88542fe4099f306da96262d4632ec517d1e6706858856b56e9d91cb87b0335fd
8cf527c29fb63a4e240af55a4403baf4deb2ea73fb12075c8d720e4c53b26a13
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f752b81dc0a3aa29edaa55262ebc397a6c947b15c1965698656f6f94162a787
98c4dd620dced1876c9138160c7f0241fa634bf5154d5fbc37b421e906e9f20a
99878813ef27d7f81adacd738cba9f79cd345fe227da888e9c94c2829cc95ffb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7ffff086820345ebed117cef84262345b79216f6b54f3a810234071aa4318c
9c06e154adc3a9da6898754db2b2bf7d46478653efdf5dabf6772e470ccc8235
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9ed3462f8b8da9475ad34115bd39a3a1ec59b034810393a057ccf418b891d49d
a09bdc422a00d6bae1023ed2cedfa3ede7e4b02956757b35a7318e7da8c6a1c1
a5943761262fe0fcc7d6eb9658c863cb9b47f80905a84024fe7dbaa4905262b4
a897250f8668473152c718ddcbdcf0cd86f586ec97d5e8acc2d6565ae538804d
ab0df4162e8b12055aeb167e2264a2e1e3279fe03a1a161d00fc849b04f9d71c
b3f5ebd86c172ae3839c014848b80a668a2f5c8251a3ff25192bf9e1614ac418
b4c26569d90f1cc7266204cbb6253077ddc2ea37d4a9cf5de6d2448787764dbd
b54ae706446b6406de74ffb63ce777185b929132f3fbc575a4f5f9ed219aa535
bc88955bf50ac138e85dd8e9ed4d9439819defe9259084b1cd5445222ebec2f7
be3c873ce6fed27cd2b5fb72519cf069999f18acbbaa79b58c735676de362b25
c094a8bd92c23305c5f30163b280313d8062af507b6b45b8a4833ae1e470abb7
c4ae9569890e771836bb654d49f5ff9c7d2d97fe8399b8d231106904518cf7b6
c71d59ff8b742c227151b438445875b4b36de6614aebe73f404247cb3ec7b68a
c87700d1ec5a86eb113fbfad5cb2eebdcc22929503201c595cd804bc8e32470b
c9295231053be2f03e47a98627b233e7459a04c9c186cf285a883f98590ba6bf
cad9e42efafaf8deab9e5f8b733566f20e31379e14624e29b11945cfb2283808
cc0fea61dfa11909288040eeab295caf899cbf5d8ce7d07649519db384198df1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccf2fb8adab4fc0394d08fe2e04cf7e42e682e498cf8465d5e2d2e8bfdffe7c0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1d4b13b6b62293eee3575a6c1d35231930ced05389a35a4b3927cd044d772c8
db5c03d1c5e6b05e7d8fa8146362b829f601380732336f6ea8781986227744a7
e0faa732f90904cc34bbaedb95878ae36cd28d4596f8238b56de987bf65aa5f7
e1bbb3a3ffd028bc77da6950c8de525f851d4b4adc55cb1dbd7173fdfa3523e6
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e21dc3de1d9135677e53c61aaffe45b7bd3191c429614720bbca99b86bdaedc4
e2d02e589353ea7a67193a0511cd52c4bcbdc026fcecfc19473dee14ae07e178
e39a462165c673034b74d57bbb238e9e2a0e389154cd31412f94924914cce494
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f1198a2aeb9ec838aad16d47581277480ba751bb52a20e1c2776986c5d6461
f3222913fc217014f697180438f8c6477eb4488565a2e02d50f96ef9725b9d39
f4df5c8356f53ade5575c0b65edf56c3d853e4623ff56190a16117c5f9d027cd
f55a11baf33fb17425e40acd9266d2277424db4e0ae3bf3c703418de8b13101d
f719696470a011899151234c69dbf873ecbb846af87845c57f0c4124c52e9dd4
fbd313762cb3406cf59cfd0cb482fccf9b76f79ccbb80caf324ce80cf465eb8f
fd00a453d6d8e4c5920292b6ce549688b6a1b36022edc001591037ddad17fe99
ffaadd420e3b7b6c745a174f905feadf98976c8330dd3ae1f9e327b1a113c98e

turkru.lol Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

73 %HTTPS

25 %IPv6

55 Domains

71 Subdomains

44 IPs

11 Countries

1489 kBTransfer

3855 kBSize

75 Cookies

1 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

turkru.lol Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

73 %
HTTPS

25 %
IPv6

55
Domains

71
Subdomains

44
IPs

11
Countries

1489 kB
Transfer

3855 kB
Size

75
Cookies

181 HTTP transactions
1 data transactions