yol.tc Open in urlscan Pro
194.1.184.22 Public Scan

URL:
http://yol.tc/outlookserv
Submission: On July 01 via manual (July 1st 2021, 3:41:18 am UTC) from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 28 HTTP transactions. The main IP is 194.1.184.22, located in Turkey and belongs to PLUSWEB, TR. The main domain is yol.tc.

This is the only time yol.tc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	194.1.184.22 194.1.184.22	210107 (PLUSWEB) (PLUSWEB)
1	54.36.158.41 54.36.158.41	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	178.33.123.218 178.33.123.218	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:9000:210... 2600:9000:2104:6e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
28	14

7 194.1.184.22 (Turkey)

ASN210107 (PLUSWEB, TR)

yol.tc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.158.41 (France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com

wuir83.yn.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.33.123.218 (France)

ASN16276 (OVH, FR)
PTR: d2.xtgem.com

5.thumbs.xtstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xtgem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:6e00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	164 KB
7	yol.tc yol.tc	66 KB
3	quantserve.com 1 redirects edge.quantserve.com pixel.quantserve.com	10 KB
2	quantcount.com 1 redirects rules.quantcount.com	853 B
2	google.com adservice.google.com www.google.com	2 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
1	xtgem.com xtgem.com	11 KB
1	xtstatic.com 5.thumbs.xtstatic.com	2 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	652 B
1	yn.lt wuir83.yn.lt	2 KB
28	12

	Domain	Requested by
7	yol.tc	yol.tc
6	pagead2.googlesyndication.com	yol.tc pagead2.googlesyndication.com tpc.googlesyndication.com
2	pixel.quantserve.com	1 redirects wuir83.yn.lt
2	rules.quantcount.com	1 redirects wuir83.yn.lt
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	edge.quantserve.com	wuir83.yn.lt
1	xtgem.com	wuir83.yn.lt
1	5.thumbs.xtstatic.com	wuir83.yn.lt
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	wuir83.yn.lt	yol.tc
28	15

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 7 frames:

Primary Page: http://yol.tc/outlookserv
Frame ID: BBB263F6A37D89568BCF914A003B77AC
Requests: 3 HTTP requests in this frame

Frame: http://yol.tc/framedRedirectTop.php?url=772
Frame ID: 3875121D5E3B4754D9B35501FFAC13F9
Requests: 14 HTTP requests in this frame

Frame: http://wuir83.yn.lt/js/?out=look
Frame ID: 85020CB029C0372A2E73F70B59CC5DA7
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/zrt_lookup.html
Frame ID: 447CD808E8A5FEA158323DBC8DF645D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2922494028953189&output=html&h=60&slotname=6789653150&adk=2786707073&adf=123856640&pi=t.ma~as.6789653150&w=468&lmt=1625110858&psa=0&format=468x60&url=http%3A%2F%2Fyol.tc%2FframedRedirectTop.php%3Furl%3D772&flash=0&wgl=1&dt=1625110858007&bpp=4&bdt=141&idt=104&shv=r20210628&ptt=9&saldr=aa&correlator=4735158152983&frm=21&ife=1&pv=2&ga_vid=364352.1625110858&ga_sid=1625110858&ga_hid=360388197&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1132&ady=0&biw=1600&bih=1200&isw=1600&ish=72&ifk=3547864002&scr_x=0&scr_y=0&eid=31061486&oid=3&pvsid=1381435669394293&top=http%3A%2F%2Fyol.tc%2Foutlookserv&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C72&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.9vs4bo7ku2tn&fsb=1&xpc=PY7N93F2N0&p=http%3A//yol.tc&dtd=129
Frame ID: 6EA56E8EA7773B7057A9ABE0D275B023
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 863F2F5AB0351A18F8840C79998C7EEE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3D8812BE3ACFE9BC21C978605130AD4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

28
Requests

54 %
HTTPS

71 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

290 kB
Transfer

897 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js

Request Chain 26

http://pixel.quantserve.com/pixel;r=685550052;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fwuir83.yn.lt%2Fjs%2F%3Fout%3Dlook;ref=http%3A%2F%2Fyol.tc%2F;uht=2;fpan=1;fpa=P0-760207648-1625110862389;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=wuir83.yn.lt;je=0;sr=1600x1200x24;dst=1;et=1625110862389;tzo=-120;ogl= HTTP 301
https://pixel.quantserve.com/pixel;r=685550052;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fwuir83.yn.lt%2Fjs%2F%3Fout%3Dlook;ref=http%3A%2F%2Fyol.tc%2F;uht=2;fpan=1;fpa=P0-760207648-1625110862389;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=wuir83.yn.lt;je=0;sr=1600x1200x24;dst=1;et=1625110862389;tzo=-120;ogl=

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set outlookserv Show response
yol.tc/ 2 KB
1 KB 2816ms
2669ms Document
text/html 194.1.184.22
PLUSWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://yol.tc/outlookserv
Protocol: HTTP/1.1
Server: 194.1.184.22 , Turkey, ASN210107 (PLUSWEB, TR),
Reverse DNS
Software: Apache/2 / PHP/5.6.40
Resource Hash: 789df383df07e1952c855b7b9d8ab9ac2ddcd72eccfe746eed62ef08b96ceddd

Request headers

Host: yol.tc
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 03:39:03 GMT
Server: Apache/2
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: shorturl=rnbbjj6aaa7b076l9agq9ujnk7; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 710
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bootstrap.css
yol.tc/themes/v3/styles/css/ 121 KB
18 KB 56ms
55ms Stylesheet
text/css 194.1.184.22
PLUSWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://yol.tc/themes/v3/styles/css/bootstrap.css
Requested by: Host: yol.tc
URL: http://yol.tc/outlookserv
Protocol: HTTP/1.1
Server: 194.1.184.22 , Turkey, ASN210107 (PLUSWEB, TR),
Reverse DNS
Software: Apache/2 /
Resource Hash: e59179702fff6732311be76961a0b18cd160eb27057b22cfae2d0a567f14345f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: yol.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://yol.tc/outlookserv
Cookie: shorturl=rnbbjj6aaa7b076l9agq9ujnk7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://yol.tc/outlookserv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 03:39:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 15:43:46 GMT
Server: Apache/2
ETag: "1e537-53e98bdee1080-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 17919

GET
H/1.1 200
OK screen.css
yol.tc/themes/v3/styles/ 41 KB
8 KB 102ms
96ms Stylesheet
text/css 194.1.184.22
PLUSWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://yol.tc/themes/v3/styles/screen.css
Requested by: Host: yol.tc
URL: http://yol.tc/outlookserv
Protocol: HTTP/1.1
Server: 194.1.184.22 , Turkey, ASN210107 (PLUSWEB, TR),
Reverse DNS
Software: Apache/2 /
Resource Hash: 180abe7207414d26e3b0e9ed418ca9f79e18d1ebed46d55892e609550f0236f6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: yol.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://yol.tc/outlookserv
Cookie: shorturl=rnbbjj6aaa7b076l9agq9ujnk7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://yol.tc/outlookserv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 03:39:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 15:43:24 GMT
Server: Apache/2
ETag: "a596-53e98bc9e5f00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 7872

GET
H/1.1 200
OK framedRedirectTop.php Show response
yol.tc/ Frame 3875 2 KB
1 KB 2064ms
2058ms Document
text/html 194.1.184.22
PLUSWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://yol.tc/framedRedirectTop.php?url=772
Requested by: Host: yol.tc
URL: http://yol.tc/outlookserv
Protocol: HTTP/1.1
Server: 194.1.184.22 , Turkey, ASN210107 (PLUSWEB, TR),
Reverse DNS
Software: Apache/2 / PHP/5.6.40
Resource Hash: 243bf61965cab60798b6887df8a05e6aba69f1cb74cedbc26ff9330250c2385d

Request headers

Host: yol.tc
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://yol.tc/outlookserv
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: shorturl=rnbbjj6aaa7b076l9agq9ujnk7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://yol.tc/outlookserv

Response headers

Date: Thu, 01 Jul 2021 03:39:06 GMT
Server: Apache/2
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 920
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found / Show response
wuir83.yn.lt/js/ Frame 8502 8 KB
2 KB 6482ms
6421ms Document
text/html 54.36.158.41
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://wuir83.yn.lt/js/?out=look
Requested by: Host: yol.tc
URL: http://yol.tc/outlookserv
Protocol: HTTP/1.1
Server: 54.36.158.41 , France, ASN16276 (OVH, FR),
Reverse DNS: lb.xtgem.com
Software: /
Resource Hash: 172655710f5c9c3abca11e8be5c9c8731f4362625d34655165b780fbe4828e5f

Request headers

Host: wuir83.yn.lt
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://yol.tc/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://yol.tc/

Response headers

Date: Thu, 01 Jul 2021 03:40:55 GMT
Vary: Host,Accept-Encoding
Content-Encoding: gzip
Content-Length: 2243
Content-Type: text/html;charset=UTF-8
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Connection: close

GET
H/1.1 200
OK bootstrap.css
yol.tc/themes/v3/styles/css/ Frame 3875 121 KB
18 KB 56ms
55ms Stylesheet
text/css 194.1.184.22
PLUSWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://yol.tc/themes/v3/styles/css/bootstrap.css
Requested by: Host: yol.tc
URL: http://yol.tc/framedRedirectTop.php?url=772
Protocol: HTTP/1.1
Server: 194.1.184.22 , Turkey, ASN210107 (PLUSWEB, TR),
Reverse DNS
Software: Apache/2 /
Resource Hash: e59179702fff6732311be76961a0b18cd160eb27057b22cfae2d0a567f14345f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: yol.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://yol.tc/framedRedirectTop.php?url=772
Connection: keep-alive
Cache-Control: no-cache
Referer: http://yol.tc/framedRedirectTop.php?url=772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 03:39:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 15:43:46 GMT
Server: Apache/2
ETag: "1e537-53e98bdee1080-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 17919

GET
H/1.1 200
OK screen.css
yol.tc/themes/v3/styles/ Frame 3875 41 KB
8 KB 136ms
96ms Stylesheet
text/css 194.1.184.22
PLUSWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://yol.tc/themes/v3/styles/screen.css
Requested by: Host: yol.tc
URL: http://yol.tc/framedRedirectTop.php?url=772
Protocol: HTTP/1.1
Server: 194.1.184.22 , Turkey, ASN210107 (PLUSWEB, TR),
Reverse DNS
Software: Apache/2 /
Resource Hash: 180abe7207414d26e3b0e9ed418ca9f79e18d1ebed46d55892e609550f0236f6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: yol.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://yol.tc/framedRedirectTop.php?url=772
Connection: keep-alive
Cache-Control: no-cache
Referer: http://yol.tc/framedRedirectTop.php?url=772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 03:39:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 15:43:24 GMT
Server: Apache/2
ETag: "a596-53e98bc9e5f00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 7872

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3875 135 KB
48 KB 28ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yol.tc
URL: http://yol.tc/framedRedirectTop.php?url=772

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9349517ae5b218dbbd8f88d761badabd64bd36e6f0eaae0ad685995360765cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yol.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 01 Jul 2021 03:40:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7891261082821145910
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48719
X-XSS-Protection: 0
Expires: Thu, 01 Jul 2021 03:40:57 GMT

GET
H/1.1 200
OK blue.png
yol.tc/themes/v3/images/logo/ Frame 3875 12 KB
12 KB 134ms
94ms Image
image/png 194.1.184.22
PLUSWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yol.tc/themes/v3/images/logo/blue.png
Requested by: Host: yol.tc
URL: http://yol.tc/framedRedirectTop.php?url=772
Protocol: HTTP/1.1
Server: 194.1.184.22 , Turkey, ASN210107 (PLUSWEB, TR),
Reverse DNS
Software: Apache/2 /
Resource Hash: 4915305748c2750e4a8228ac479fa9a84dc7625773b12a7e120dd89d138247c3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: yol.tc
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://yol.tc/framedRedirectTop.php?url=772
Connection: keep-alive
Cache-Control: no-cache
Referer: http://yol.tc/framedRedirectTop.php?url=772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 03:39:08 GMT
Last-Modified: Thu, 20 Oct 2016 11:34:41 GMT
Server: Apache/2
ETag: "2fe3-53f4a4fb5d640"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 12259

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/ Frame 447C 10 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210628/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://yol.tc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://yol.tc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 30 Jun 2021 19:14:00 GMT
expires: Wed, 14 Jul 2021 19:14:00 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 30417
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/ Frame 3875 240 KB
90 KB 48ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2922494028953189&plah=yol.tc&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e233a147eb1f2dc7932e22c7199051febacd3246e31ee3cb3675db87dec8c042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yol.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91162
x-xss-protection: 0
server: cafe
etag: 13729711335453486071
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 03:40:58 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3875 196 B
652 B 44ms
15ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=yol.tc&callback=_gfp_s_&client=ca-pub-2922494028953189

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2922494028953189&plah=yol.tc&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c0eff9c9e3405059ee7bc183adeea3a83199520a4cb0e659852751eecee85e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yol.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3875 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=yol.tc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yol.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 03:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3875 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=yol.tc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yol.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 03:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6EA5 603 B
217 B 24ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2922494028953189&output=html&h=60&slotname=6789653150&adk=2786707073&adf=123856640&pi=t.ma~as.6789653150&w=468&lmt=1625110858&psa=0&format=468x60&url=http%3A%2F%2Fyol.tc%2FframedRedirectTop.php%3Furl%3D772&flash=0&wgl=1&dt=1625110858007&bpp=4&bdt=141&idt=104&shv=r20210628&ptt=9&saldr=aa&correlator=4735158152983&frm=21&ife=1&pv=2&ga_vid=364352.1625110858&ga_sid=1625110858&ga_hid=360388197&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1132&ady=0&biw=1600&bih=1200&isw=1600&ish=72&ifk=3547864002&scr_x=0&scr_y=0&eid=31061486&oid=3&pvsid=1381435669394293&top=http%3A%2F%2Fyol.tc%2Foutlookserv&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C72&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.9vs4bo7ku2tn&fsb=1&xpc=PY7N93F2N0&p=http%3A//yol.tc&dtd=129

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2922494028953189&output=html&h=60&slotname=6789653150&adk=2786707073&adf=123856640&pi=t.ma~as.6789653150&w=468&lmt=1625110858&psa=0&format=468x60&url=http%3A%2F%2Fyol.tc%2FframedRedirectTop.php%3Furl%3D772&flash=0&wgl=1&dt=1625110858007&bpp=4&bdt=141&idt=104&shv=r20210628&ptt=9&saldr=aa&correlator=4735158152983&frm=21&ife=1&pv=2&ga_vid=364352.1625110858&ga_sid=1625110858&ga_hid=360388197&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1132&ady=0&biw=1600&bih=1200&isw=1600&ish=72&ifk=3547864002&scr_x=0&scr_y=0&eid=31061486&oid=3&pvsid=1381435669394293&top=http%3A%2F%2Fyol.tc%2Foutlookserv&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C72&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.9vs4bo7ku2tn&fsb=1&xpc=PY7N93F2N0&p=http%3A//yol.tc&dtd=129
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://yol.tc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://yol.tc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Jul 2021 03:40:58 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 03:55:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3875 72 KB
28 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yol.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:40:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879999447392"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Thu, 01 Jul 2021 03:40:58 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 3875 0
459 B 13ms
13ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-2922494028953189&c=14&n=0&t=0&w=0&x=1

Requested by

Host: yol.tc
URL: http://yol.tc/framedRedirectTop.php?url=772

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yol.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 03:40:58 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3875 11 KB
8 KB 32ms
17ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210628&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdcde256f3ff84fdf3f097b17ff942cca5670d5a2b051affcd771cb86cc34efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yol.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 03:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8395
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3875 17 KB
7 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yol.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 03:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 01 Jul 2021 03:40:58 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 863F 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://yol.tc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://yol.tc/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 30 Jun 2021 22:13:12 GMT
expires: Thu, 30 Jun 2022 22:13:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F3D8 783 B
1 KB 37ms
17ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38dad26542fbca70762103948fb4af1482e2e0f0087684cc179b091820a168ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ag05/mFZpjpAYLVJ4wMRIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://yol.tc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://yol.tc/

Response headers

expires: Thu, 01 Jul 2021 03:40:58 GMT
date: Thu, 01 Jul 2021 03:40:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ag05/mFZpjpAYLVJ4wMRIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame 863F 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 13:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 13:01:14 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3875 0
20 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210628&jk=1381435669394293&bg=!cXKlcjbNAAYo4NJEKOA7ACkAdvg8Wjy9abijxA78MtYx5uQxBTMqt4u2y_yR9NrR-dqEXrmFGYeMuAIAAABUUgAAAAxoAQcKAGEPSqlE5NlCWGlarGEln85f1DfNt2oBZgGcEPUPdo-nIV_Bmim68GzI5HiciYYd-CzuO7YlTcgWXBqTWT-hv6ERQbMN6A51u0ASl77n4lSTts2AVJ4AsPsJ2WFrdAFntlGMmQJupEWHwmlgAIuqQ944JgtSVxk2TSDjjQsBwhkcc31WTDKQfMuiQ_imkewLgytXnkMUxdoWkpe-XWMlyAFzX4i574Uj_3nkpog2JaxicB-l7q7Qz0h_GTfgEeiEmiSW6pfKFOrA83_0WnsisgO-NT90Wi-nJd2eFhDyMNTsM39E2O7PWc2tLK5uwU7cIXc6z5YpuGEuTodEix8VroRdKbnYHv-Ik2sijsHYPbzeGDu5G2FZj4GRAKN87m783HMcURmL5Wy2EvirP5hM-eJAFmFBdj4PVuW-DI0BhW-8Re0W5UY7pKfLynxB_joXCEtqGJ7nDwpYDwIO5Ns3M9dTEtlMnmRy3Ozk7Tn8QqLcKNMIkdfNvNjrLmAB-1N7K33qiY3SHAmKRIQ-3YSNmK89ZiRx6Fs4ihe8lNI_2f4piFZGvt3fIuVG7pqFt9Qn_2sz-wkfeNdTvYM9BeJ3G7recwOqUbbXe0INgKQnpWGjmfjXa8zQ5s9pFJ4Kw4Ev2y_nXeLi0JObe7SrfccU56OUJ4hTXS5_gmktkUk2SqjVMHrC6sk_IqBwY2FwGhtqJfZgcDs56C1Zx3UO-GA2LM6vCVzNDHKi04CyRjeukY0_oHABn0dvuYKX3YzzbaPBDkBk-nrJz-8T-FCO4gq5pI51FrFGQiPE7CWQwreu3EjyCYQprh4rFETPJBiGbFoHC34JwUi26qisIgmcd-rtSefyb0d126X3fiWSK0kecprCjLRYsM_nG2mFPm-VX4jhymGAujnIeA7e12EQuoTy7EZWtAIAq6iyD6CiSmG3GCOxX3fEAktGmfUKOvFnyWOHKqxHag

Requested by

Host: yol.tc
URL: http://yol.tc/outlookserv

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yol.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:40:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insane-481107.jpg
5.thumbs.xtstatic.com/100/50/-/578d0bcc2530f4abf70ce0004aaa26d5/awesometattoos.xtgem.com/images/blog/ Frame 8502 1 KB
2 KB 111ms
84ms Image
image/jpeg 178.33.123.218
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.thumbs.xtstatic.com/100/50/-/578d0bcc2530f4abf70ce0004aaa26d5/awesometattoos.xtgem.com/images/blog/insane-481107.jpg
Requested by: Host: wuir83.yn.lt
URL: http://wuir83.yn.lt/js/?out=look
Protocol: HTTP/1.1
Server: 178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS: d2.xtgem.com
Software: /
Resource Hash: 1eb0bef08d2354244362c141711ab669eb8c2a30f49bdfd03c551af896dc4863

Request headers

Referer: http://wuir83.yn.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 03:41:02 GMT
X-Ngz: 1
Last-Modified: Sun, 28 Oct 2018 05:23:34 GMT
Age: 0
ETag: "50f-0"
Sent-XS: 0.000
X-Cache: MISS
Content-Type: image/jpeg
Expires: Sat, 03 Jul 2021 03:41:02 GMT
Cache-Control: max-age=172800, pre-check=172800
Connection: close
Accept-Ranges: bytes
Content-Length: 1295
X-Cache-Hits: 0

GET
H/1.1 200
OK powered_by_xtgem.png
xtgem.com/images/ Frame 8502 10 KB
11 KB 58ms
51ms Image
image/png 178.33.123.218
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtgem.com/images/powered_by_xtgem.png
Requested by: Host: wuir83.yn.lt
URL: http://wuir83.yn.lt/js/?out=look
Protocol: HTTP/1.1
Server: 178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS: d2.xtgem.com
Software: /
Resource Hash: 4e99adbc172ae5f3d664308a109b0ad623f6f0fc869eb421b58c5e05578495bf

Request headers

Referer: http://wuir83.yn.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 03:41:02 GMT
X-Ngz: 1
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
Age: 0
ETag: "28b0-59774aa04e000"
X-Cache: MISS
Content-Type: image/png
Expires: Sat, 31 Jul 2021 03:41:02 GMT
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 10416
X-Cache-Hits: 0

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ Frame 8502 24 KB
9 KB 14ms
7ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: wuir83.yn.lt
URL: http://wuir83.yn.lt/js/?out=look
Protocol: HTTP/1.1
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: http://wuir83.yn.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 03:41:02 GMT
Content-Encoding: gzip
Etag: "WhyxmPkT7L77qVDcrjxwGw=="
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Expires: Thu, 08 Jul 2021 03:41:02 GMT

GET
H2

200

rules-p-0cfM8Oh7M9bVQ.js Show response
rules.quantcount.com/ Frame 8502
Redirect Chain

http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js

3 B
427 B

39ms
12ms

Script
application/javascript

2600:9000:2104:6e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by: Host: wuir83.yn.lt
URL: http://wuir83.yn.lt/js/?out=look
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://wuir83.yn.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 18:58:24 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
age: 31358
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:40:53 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: Jr0KCNBbvlsJAJ9f_rio6Nulp0XDsbgnEKJ_EBq33ditJx8eNIXMyw==

Redirect headers

Date: Thu, 01 Jul 2021 03:41:02 GMT
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: AMS1-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: Toi-PVmgbiO_ssqfpvkIODrRgNRHYpqcwcwXEFIRr1sqb3wrwFE51Q==

GET
H2

200

pixel;r=685550052;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fwuir83.yn.lt%2Fjs%2F%3Fout%3Dlook;ref=http%3A%2F%2Fyol.tc%2F;uht=2;fpan=1;fpa=P0-760207648-1625110862389;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82e...
pixel.quantserve.com/ Frame 8502
Redirect Chain

http://pixel.quantserve.com/pixel;r=685550052;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fwuir83.yn.lt%2Fjs%2F%3Fout%3Dlook;ref=http%3A%2F%2Fyol.tc%2F;uht=2;fpan=1;fpa=P0-760207648-1625110862389;pbcn=u...
https://pixel.quantserve.com/pixel;r=685550052;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fwuir83.yn.lt%2Fjs%2F%3Fout%3Dlook;ref=http%3A%2F%2Fyol.tc%2F;uht=2;fpan=1;fpa=P0-760207648-1625110862389;pbcn=...

35 B
372 B

23ms
9ms

Image
image/gif

2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=685550052;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fwuir83.yn.lt%2Fjs%2F%3Fout%3Dlook;ref=http%3A%2F%2Fyol.tc%2F;uht=2;fpan=1;fpa=P0-760207648-1625110862389;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=wuir83.yn.lt;je=0;sr=1600x1200x24;dst=1;et=1625110862389;tzo=-120;ogl=

Requested by

Host: wuir83.yn.lt
URL: http://wuir83.yn.lt/js/?out=look

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://wuir83.yn.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 03:41:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location: https://pixel.quantserve.com/pixel;r=685550052;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fwuir83.yn.lt%2Fjs%2F%3Fout%3Dlook;ref=http%3A%2F%2Fyol.tc%2F;uht=2;fpan=1;fpa=P0-760207648-1625110862389;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=wuir83.yn.lt;je=0;sr=1600x1200x24;dst=1;et=1625110862389;tzo=-120;ogl=
Date: Thu, 01 Jul 2021 03:41:02 GMT
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 0
Expires: Fri, 02 Jul 2021 03:41:02 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5.thumbs.xtstatic.com
adservice.google.com
adservice.google.de
edge.quantserve.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
rules.quantcount.com
tpc.googlesyndication.com
wuir83.yn.lt
www.google.com
www.googletagservices.com
xtgem.com
yol.tc
178.33.123.218
194.1.184.22
216.58.212.162
2600:9000:2104:6e00:6:44e3:f8c0:93a1
2620:116:800d:21:51e4:db4b:4436:b305
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:802::2002
2a00:1450:4001:809::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
54.36.158.41
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
172655710f5c9c3abca11e8be5c9c8731f4362625d34655165b780fbe4828e5f
180abe7207414d26e3b0e9ed418ca9f79e18d1ebed46d55892e609550f0236f6
1eb0bef08d2354244362c141711ab669eb8c2a30f49bdfd03c551af896dc4863
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
243bf61965cab60798b6887df8a05e6aba69f1cb74cedbc26ff9330250c2385d
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
38dad26542fbca70762103948fb4af1482e2e0f0087684cc179b091820a168ba
4915305748c2750e4a8228ac479fa9a84dc7625773b12a7e120dd89d138247c3
4e99adbc172ae5f3d664308a109b0ad623f6f0fc869eb421b58c5e05578495bf
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
789df383df07e1952c855b7b9d8ab9ac2ddcd72eccfe746eed62ef08b96ceddd
9349517ae5b218dbbd8f88d761badabd64bd36e6f0eaae0ad685995360765cda
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bdcde256f3ff84fdf3f097b17ff942cca5670d5a2b051affcd771cb86cc34efa
c0eff9c9e3405059ee7bc183adeea3a83199520a4cb0e659852751eecee85e80
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e233a147eb1f2dc7932e22c7199051febacd3246e31ee3cb3675db87dec8c042
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59179702fff6732311be76961a0b18cd160eb27057b22cfae2d0a567f14345f

yol.tc Open in urlscan Pro 194.1.184.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

28 Requests

54 %HTTPS

71 %IPv6

12 Domains

15 Subdomains

14 IPs

4 Countries

290 kBTransfer

897 kBSize

0 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

yol.tc Open in urlscan Pro
194.1.184.22 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

54 %
HTTPS

71 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

290 kB
Transfer

897 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions