turnip.exchange Open in urlscan Pro
2606:4700:20::ac43:4728 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://turnip.exchange/
Effective URL:
https://turnip.exchange/
Submission: On July 08 via manual (July 8th 2020, 11:46:40 am UTC) from NL

Summary HTTP 49 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 49 HTTP transactions. The main IP is 2606:4700:20::ac43:4728, located in United States and belongs to CLOUDFLARENET, US. The main domain is turnip.exchange.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 29th 2020. Valid for: 6 months.

This is the only time turnip.exchange was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2606:4700:20:... 2606:4700:20::ac43:4728	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::ac43:1b35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:227d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	67.202.110.21 67.202.110.21	32748 (STEADFAST) (STEADFAST)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
49	15

22 2606:4700:20::ac43:4728 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

turnip.exchange	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:1b35 (United States)

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:227d (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.53 (Netherlands)

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.21 (Chicago, United States)

ASN32748 (STEADFAST, US)

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)

ggsoftware-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	turnip.exchange 1 redirects turnip.exchange	446 KB
7	nitropay.com s.nitropay.com tracker.nitropay.com	225 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	137 KB
3	doubleclick.net googleads.g.doubleclick.net
2	adnxs.com ib.adnxs.com	2 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	openx.net ggsoftware-d.openx.net	574 B
1	33across.com ssc.33across.com	344 B
1	pubmatic.com hbopenbid.pubmatic.com	116 B
1	districtm.io dmx.districtm.io	426 B
1	google.com adservice.google.com	887 B
1	google.de adservice.google.de	887 B
1	googleapis.com fonts.googleapis.com	672 B
49	14

	Domain	Requested by
22	turnip.exchange	1 redirects turnip.exchange
6	s.nitropay.com	turnip.exchange s.nitropay.com
4	pagead2.googlesyndication.com	s.nitropay.com pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	s.nitropay.com
2	tpc.googlesyndication.com	s.nitropay.com
2	ib.adnxs.com	s.nitropay.com
2	fonts.gstatic.com	turnip.exchange
1	www.googletagservices.com	s.nitropay.com
1	ggsoftware-d.openx.net	s.nitropay.com
1	ssc.33across.com	s.nitropay.com
1	hbopenbid.pubmatic.com	s.nitropay.com
1	dmx.districtm.io	s.nitropay.com
1	adservice.google.com	s.nitropay.com
1	adservice.google.de	s.nitropay.com
1	tracker.nitropay.com	s.nitropay.com
1	fonts.googleapis.com	turnip.exchange
49	16

This site contains links to these domains. Also see Links.

Domain
nookazon.com
patreon.warp.world
crowdmade.com
discord.gg
twitter.com
nitropay.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-29` - `2020-10-09`	6 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://turnip.exchange/
Frame ID: 3BA3907951E7A186B67073DEA28AB59E
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200706/r20190131/zrt_lookup.html
Frame ID: 351C39A2D16C11A64ECFA70B7C094395
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9872233689689746&output=html&h=90&slotname=nitroadsPassbackNR&adk=3291266011&adf=1104304089&w=970&lmt=1594083252&psa=0&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=970x90&url=https%3A%2F%2Fturnip.exchange%2F&flash=0&wgl=1&adsid=NT&dt=1594208794135&bpp=9&bdt=11563&idt=56&shv=r20200706&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3607400238714&frm=20&pv=2&ga_vid=85370065.1594208794&ga_sid=1594208794&ga_hid=24907653&ga_fc=0&iag=0&icsg=34991&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=2532718384899062&pem=256&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VBOIkVGeoD&p=https%3A//turnip.exchange&dtd=79
Frame ID: BEFA376A9F5D0AFAF49DC37E7A30EC31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9872233689689746&output=html&adk=1812271804&adf=3025194257&lmt=1594083252&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=0x0&url=https%3A%2F%2Fturnip.exchange%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1594208794144&bpp=3&bdt=11572&idt=84&shv=r20200706&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&nras=1&correlator=3607400238714&frm=20&pv=1&ga_vid=85370065.1594208794&ga_sid=1594208794&ga_hid=24907653&ga_fc=0&iag=0&icsg=166063&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=2532718384899062&pem=256&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=116
Frame ID: 099219E933690CEAFA8322B4DE7C9A24
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 5F536B7E0E8BFE9A2162444CDAA39336
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://turnip.exchange/ HTTP 301
https://turnip.exchange/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

49
Requests

100 %
HTTPS

64 %
IPv6

14
Domains

16
Subdomains

15
IPs

4
Countries

872 kB
Transfer

2578 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://nookazon.com/exchange

Search URL Search Domain Scan URL

URL: https://patreon.warp.world/
Title: Check out our Patreon

Search URL Search Domain Scan URL

URL: https://crowdmade.com/collections/warpworld
Title: Dress like us

Search URL Search Domain Scan URL

URL: https://discord.gg/warpworld
Title: Talk with us

Search URL Search Domain Scan URL

URL: https://twitter.com/WarpWorld
Title: Follow us

Search URL Search Domain Scan URL

URL: https://nitropay.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://turnip.exchange/ HTTP 301
https://turnip.exchange/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
turnip.exchange/
Redirect Chain

http://turnip.exchange/
https://turnip.exchange/

3 KB
1 KB

437ms
394ms

Document
text/html

2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17395d6c85f80a5b30230ca59f3bc865f835cf9b9e92f9160289b92a2090d6f2

Request headers

:method: GET
:authority: turnip.exchange
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 08 Jul 2020 11:46:22 GMT
content-type: text/html
set-cookie: __cfduid=deb35ade5aa2626f5198c3eef47afa5361594208782; expires=Fri, 07-Aug-20 11:46:22 GMT; path=/; domain=.turnip.exchange; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: LzMj8R3tXSUKLvsv2a6IkpgQN4XCzptke+2RWoiNVdQ2v6vnA7ox6QfwqPO6UQQ+24ETjVQRdI0=
x-amz-request-id: 94AEB2499C5B3112
last-modified: Tue, 07 Jul 2020 00:54:12 GMT
cf-cache-status: DYNAMIC
cf-request-id: 03cfd89f5b000097de8eaca200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5af990789c5b97de-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Wed, 08 Jul 2020 11:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 Jul 2020 12:46:22 GMT
Location: https://turnip.exchange/
cf-request-id: 03cfd89f1d0000dfef0fa8c200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5af990782949dfef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.67ad253c.css
turnip.exchange/css/ 790 KB
48 KB 31ms
30ms Stylesheet
text/css 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/css/app.67ad253c.css
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ade6539cbb131eb1d95d95aec6e77ce4a95119597bf6e51cf5bb2039a912cf6

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1503
cf-polished: origSize=808645
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7D47997AF1241352
x-amz-id-2: HYpdxhFLTZTpruBhlDou+SXzqGYUvp5anpAJgrov1Jy/e2i1BENLUwh1aW8F501Rmsprs/5WARY=
last-modified: Tue, 07 Jul 2020 00:54:11 GMT
server: cloudflare
etag: W/"e005b7c8761bb7e5bb2e7b6ada51e744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-request-id: 03cfd8a0eb000097de8eae4200000001
cf-ray: 5af9907b1e6997de-FRA
cf-bgj: minify

GET
H2 200 app.49ee2432.js Show response
turnip.exchange/js/ 44 KB
19 KB 37ms
36ms Script
application/javascript 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/js/app.49ee2432.js
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49e599db358ac486670c1bc1f7f3ff8390f3dfbd6282da3869f7a9d50ce5b861

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1503
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: E245064D5AC6AA3D
x-amz-id-2: iDYVwNPhtoiGM6QWmNf9z00c/H37bXXv5BegMJnuuEBwcYbe4lHwW8UVOkQLc+H4z9ciQ3RYpso=
last-modified: Tue, 07 Jul 2020 00:54:12 GMT
server: cloudflare
etag: W/"399b63533f77be3bce02eb9736eb585a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-request-id: 03cfd8a0eb000097de8eae5200000001
cf-ray: 5af9907b1e6a97de-FRA
cf-bgj: minify

GET
H2 200 chunk-vendors.d3a55170.js Show response
turnip.exchange/js/ 183 KB
61 KB 32ms
31ms Script
application/javascript 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/js/chunk-vendors.d3a55170.js
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3621033f43a931055efbba6361a584067edc75a1d2fa792d89c1f522ba6531

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 2932
cf-polished: origSize=187576
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CA7C788E3E3CB08E
x-amz-id-2: qeLbta+POBvzWcTmWzN4W0389oogk0VCnnb3RgjsG5dFMPIMIl6v86k+w4ZglQPWhwiWubm+hnE=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"bf9157b18869be28b9319f965bb0b6dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-request-id: 03cfd8a0eb000097de8eae6200000001
cf-ray: 5af9907b1e6b97de-FRA
cf-bgj: minify

GET
H2 200 host.9585b828.css
turnip.exchange/css/ 0
2 KB 25ms
23ms Other
text/css 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/css/host.9585b828.css
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 5210
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CFC3C8F920FD4854
x-amz-id-2: kBqJ7jgAI1tIsytBs2YlA+zd19Saq+uyI37h1ZliAgwMcfq6ThbWbzS1P4KnjD+wfTeMSExdgRM=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"a942d139cb589b65938af35a98ac4cde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-request-id: 03cfd8a0ee000097de8eae7200000001
cf-ray: 5af9907b1e7097de-FRA
cf-bgj: minify

GET
H2 200 islands.0988e632.css
turnip.exchange/css/ 0
737 B 40ms
38ms Other
text/css 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/css/islands.0988e632.css
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1490
cf-polished: origSize=1690
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 75D4D10E8A13E6D3
x-amz-id-2: p7Glit6qy0OHe/S2rBrdBFJ4XXet3KnPOo2pOH6ox8AUJWrql1daxHYWGCwKUcRQk/eeqX5RLFc=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"17dd020168dde518f01c346ce298b004"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-request-id: 03cfd8a0ee000097de8eae8200000001
cf-ray: 5af9907b1e7197de-FRA
cf-bgj: minify

GET
H2 200 404.6a1167a2.js
turnip.exchange/js/ 0
887 B 41ms
39ms Other
application/javascript 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/js/404.6a1167a2.js
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 5210
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CE5D7CF875DBCD24
x-amz-id-2: B7pzox47CIAh7j8ew8w2ON5wVJMRZwVQ06jWcimEeg3JY1NLPFShTuHqyqdRPOPAUNWhy39VaWQ=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"fd8a1183418171a5c21fb97be2f29a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-request-id: 03cfd8a0ee000097de8eae9200000001
cf-ray: 5af9907b1e7297de-FRA
cf-bgj: minify

GET
H2 200 background-gallery.2f33e6a5.js
turnip.exchange/js/ 0
2 KB 36ms
34ms Other
application/javascript 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/js/background-gallery.2f33e6a5.js
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 3434
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F46D57FDCE14C9A0
x-amz-id-2: hZ4z8YyxmeebPg4Bvr34bdI+UExlAFq+zLQRDOs9jG0Fot6MQ+qw+ZLXWamFW520djut+x2bLdc=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"aaa9ef963e27a6c815a6d8664e572cf3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-request-id: 03cfd8a0ee000097de8eaea200000001
cf-ray: 5af9907b1e7397de-FRA
cf-bgj: minify

GET
H2 200 commitment.7f40ede8.js
turnip.exchange/js/ 0
2 KB 34ms
32ms Other
application/javascript 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/js/commitment.7f40ede8.js
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 5210
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 98F653C127743383
x-amz-id-2: f4e2a6PYbVvzKLFcRIiAAKP3LFOsR0SujlzncyyvFdTVy3rG8eWuoppi9yi7+Uo3mfw1X2Qg5Ws=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"90d54824a9b74effc38a198291caac78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-request-id: 03cfd8a0ee000097de8eaeb200000001
cf-ray: 5af9907b1e7597de-FRA
cf-bgj: minify

GET
H2 200 faq.681fd2e5.js
turnip.exchange/js/ 0
3 KB 29ms
27ms Other
application/javascript 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/js/faq.681fd2e5.js
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 5210
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2689E11751BC692A
x-amz-id-2: AZzTgT/BRnuMm7rr65RP8w0Xw/RWbCXtXAGmjLCDC3HcqlGtnarUmZBHB370V4AUcLhKTlFnNDY=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"0c5ca61aa76a185e34ee4ea8b6b4358c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-request-id: 03cfd8a0f1000097de8eaec200000001
cf-ray: 5af9907b1e7697de-FRA
cf-bgj: minify

GET
H2 200 host.9c5bb14b.js
turnip.exchange/js/ 0
27 KB 40ms
38ms Other
application/javascript 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/js/host.9c5bb14b.js
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 5210
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AF139738E0524752
x-amz-id-2: 2CDob0yvJgJVkUixvlsWiwB+ef5I+laMKbHP4U2sIdJ+hf+auNMGuC5MbpoCFwl7I9LXit8zix4=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"d80cad71401e0b5705d8290f18e1bebf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-request-id: 03cfd8a0f1000097de8eaed200000001
cf-ray: 5af9907b1e7897de-FRA
cf-bgj: minify

GET
H2 200 islands.905e7fa3.js
turnip.exchange/js/ 0
12 KB 36ms
34ms Other
application/javascript 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/js/islands.905e7fa3.js
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1104
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 941B14C1526B05D8
x-amz-id-2: yWfmDDCUG1bJMcd3A0QWNvHVAgFqCCQIrDpi+6T9HolCBkNATdmqkPmobMA+GlbZlDEeYm8sBQ0=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"38e1b46b0e975b6bb977337e3f294141"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-request-id: 03cfd8a0f1000097de8eaee200000001
cf-ray: 5af9907b1e7a97de-FRA
cf-bgj: minify

GET
H2 200 privacy.b662bd0b.js
turnip.exchange/js/ 0
4 KB 85ms
83ms Other
application/javascript 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/js/privacy.b662bd0b.js
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 5210
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F671E9092FB06E20
x-amz-id-2: eHEzi63G9ZXk0M6B6VTw/QIoh8rEG8ZOY/dyQCHcjwq0HesElCs8ta9z2S2y3ITX1PMuOFVx8NU=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"ea3cfcb3d692136e07a586f8e0f9657c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-request-id: 03cfd8a0f1000097de8eaef200000001
cf-ray: 5af9907b1e7c97de-FRA
cf-bgj: minify

GET
H2 200 view.0710a37a.js
turnip.exchange/js/ 0
15 KB 49ms
48ms Other
application/javascript 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/js/view.0710a37a.js
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 2761
cf-polished: origSize=59309
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0325515A24CFBD66
x-amz-id-2: GPDj+zSOTNWS+TfVY94fBceuB/QXPzL3juRocJhotfn/oeWmvYX/fQVN7jLS44TTOWypzy6Dc3Q=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"b09e96922f0587ede759f0e03ca8b39a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-request-id: 03cfd8a0f1000097de8eaf0200000001
cf-ray: 5af9907b1e7e97de-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 4 KB
672 B 53ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:400,500,700&display=swap

Requested by

Host: turnip.exchange
URL: https://turnip.exchange/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1be81e61d94d540d17b03df53c65caf23903836f31c0936ba903a6859367b7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jul 2020 11:46:22 GMT
server: ESF
date: Wed, 08 Jul 2020 11:46:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jul 2020 11:46:22 GMT

GET
H2 200 ads-434.js Show response
s.nitropay.com/ 346 KB
113 KB 80ms
41ms Script
application/javascript 2606:4700:10::ac43:1b35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-434.js

Requested by

Host: turnip.exchange
URL: https://turnip.exchange/js/app.49ee2432.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fda6792b3a9849b1a417a82049e7fcc600b05ccc4617146d121443a50bca5efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1593024765
age: 82
status: 200
x-guploader-uploadid: AAANsUlffOgWKkCfFHsh79ejDECE9aLBSXRCaePwgJvQVD_g2zHxvgODfRyu-l80G2jUP25HHJO0rSEXGtXRZF6MDp8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000; includeSubDomains
cf-request-id: 03cfd8a1e600001f2dbcad2200000001
cf-ray: 5af9907ca88a1f2d-FRA
last-modified: Wed, 08 Jul 2020 02:48:13 GMT
server: cloudflare
etag: W/"d07639c5439df2d731f326c63dae58e0:1594176493000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Yy7v/w==, md5=0HY5xUOd8tcx8ybGPa5Y4A==
x-goog-generation: 1593024810993401
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: private, max-age=600
x-goog-stored-content-length: 329002
content-type: application/javascript
expires: Wed, 08 Jul 2020 12:45:00 GMT

GET
H2 200 discord.f8389ca1.svg
turnip.exchange/img/ 1 KB
795 B 24ms
24ms Image
image/svg+xml 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnip.exchange/img/discord.f8389ca1.svg
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e93e0f5dc61ee9c07bd0056b3a57d7c3e8b09020c350b688a6a5fbc09e7fff59

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 500
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FA4EDA800CC4584F
x-amz-id-2: 5NDcAxEnO9PtOecJ2HUuDyrCVhzO7UPpdv1UOgxsHLLou8SqjqHUVRhWEgq3VeMD04yr3hxqOjQ=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"f8389ca1a741a115313bede9ac02e2c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-request-id: 03cfd8a1f2000097de8eb01200000001
cf-ray: 5af9907cb80697de-FRA

GET
H2 200 nookazon-banner.5733797c.jpg
turnip.exchange/img/ 54 KB
54 KB 19ms
19ms Image
image/jpeg 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnip.exchange/img/nookazon-banner.5733797c.jpg
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b6883624114f545868cdf1e3d2fae80d9b9749a1d55538f1ab1115f3daf984d

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
cf-cache-status: HIT
age: 4250
cf-ray: 5af9907cb80897de-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55021
x-amz-id-2: nnk0DljYLgJRBPzsVkFK/jXyqsluyF9n+NPYI7VQR5kTOm+K+bMonCMF5VTaf248VVwLGzlCZWY=
last-modified: Tue, 07 Jul 2020 00:54:11 GMT
server: cloudflare
etag: "5733797ca129cb9ab0d17fccb4bef37c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 5C472269A962000F
cache-control: max-age=86400
cf-request-id: 03cfd8a1f3000097de8eb02200000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 405abba7e89b3c2871eb5865e06cfbc8cc27feb8636bb8079d254bcf9fd2e04c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af21b06ba2b4c1b84e378bfaa696409a91abeba81129449f907202f643655545

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24bb1f2567777a448f5f731a41bb9f9f16d5b7f0d557caa0e73f7b1eb36511aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 patreon.d66dc81f.svg
turnip.exchange/img/ 404 B
430 B 17ms
16ms Image
image/svg+xml 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnip.exchange/img/patreon.d66dc81f.svg
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af53bbba5c57d78d1ae2f0584f6277c5644fe5d6838542678c0c9383bc17246

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 500
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DC061C64DB306D0A
x-amz-id-2: 7A0hwBiWaeYsCT6Xh3TVkAaLlREl+NtyLjTaoPYoqHLNm0e5AznLZ2AkwptRfm2JwKBfGbTDTo0=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"d66dc81f7fc1ee70a314f33760f86534"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-request-id: 03cfd8a1f5000097de8eb04200000001
cf-ray: 5af9907cb80b97de-FRA

GET
H2 200 twitter.c4f438fa.svg
turnip.exchange/img/ 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnip.exchange/img/twitter.c4f438fa.svg
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 331ec3645a55f091d911530da5d3dab7f127240da99c69975153709f1646ca20

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 500
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DT3R4P2N6S5JDV7J
x-amz-id-2: 3G4LnEYY7gM4gg4RGcZG7KgrtD43MI5NUQ3HM4EeTj15WJe/g8kP/dweArq277r3lYWpQfaMPxU=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: W/"c4f438fa6064cce71e3a97aae3d9684a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-request-id: 03cfd8a1f6000097de8eb05200000001
cf-ray: 5af9907cb80d97de-FRA

GET
H2 200 wood-tile.d441e536.jpg
turnip.exchange/img/ 141 KB
141 KB 26ms
21ms Image
image/jpeg 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnip.exchange/img/wood-tile.d441e536.jpg
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a85581b3b3de6ce76cc7d6b17f34de992f95e03a1bd42ccaab56a428f9f7fc

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
cf-cache-status: HIT
age: 500
cf-ray: 5af9907ce82b97de-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 144386
x-amz-id-2: X2zLCVL7zUawMnBYVkRtQ5oSX+V5tmOuGOR9sSPBA9kMynJHW76mvF7g9AHE7s9Ty6I1Wfgbtbk=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: "d441e536227d75d1eb481d15841c2808"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: F877B2A14109D8BF
cache-control: max-age=86400
cf-request-id: 03cfd8a20d000097de8eb07200000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 animal-crossing-beach.635f0bf0.jpg
turnip.exchange/img/ 16 KB
16 KB 30ms
26ms Image
image/jpeg 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnip.exchange/img/animal-crossing-beach.635f0bf0.jpg
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f9bdbe65fb185f445f96bbbf0863240449ff5954448cddf00460db76779992d

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
cf-cache-status: HIT
age: 3467
cf-ray: 5af9907ce82c97de-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16127
x-amz-id-2: 058RAfGQs2rbW/LE5paLlSgItghcOepgCQ71o7AXJ5g70F1eWl66NWlGZQyGXSI1j4DCURFVb/Q=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: "635f0bf0e5c7c31016824eac7daec507"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: F71D8C4B999CD9A4
cache-control: max-age=86400
cf-request-id: 03cfd8a20d000097de8eb08200000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v9/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWKBXyIfDnIV7nBrXyw023e.woff2

Requested by

Host: turnip.exchange
URL: https://turnip.exchange/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:400,500,700&display=swap
Origin: https://turnip.exchange

Response headers

date: Wed, 10 Jun 2020 04:30:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:24 GMT
server: sffe
age: 2445377
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16268
x-xss-protection: 0
expires: Thu, 10 Jun 2021 04:30:05 GMT

GET
H2 200 FinkHeavy.a5b5fd43.ttf
turnip.exchange/fonts/ 35 KB
35 KB 22ms
20ms Font
binary/octet-stream 2606:4700:20::ac43:4728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://turnip.exchange/fonts/FinkHeavy.a5b5fd43.ttf
Requested by: Host: turnip.exchange
URL: https://turnip.exchange/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f63d3b4932e21a7791b5617f3a527c891e3be270ed7bd462f028df892d0eafe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://turnip.exchange/css/app.67ad253c.css
Origin: https://turnip.exchange

Response headers

date: Wed, 08 Jul 2020 11:46:22 GMT
cf-cache-status: HIT
age: 3382
cf-ray: 5af9907ce82a97de-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35488
x-amz-id-2: c9jW2dqtWXqbN5Bzi+bpI83DlWfUOOd+YVEn6BWE+Od6+2QkhMOw3Q6DKKCA53YS0dDaHqJXB4w=
last-modified: Thu, 11 Jun 2020 18:08:50 GMT
server: cloudflare
etag: "a5b5fd438bf859bfd9bb4c708d44f11a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 8A9467EFDFF010D2
cache-control: max-age=86400
cf-request-id: 03cfd8a20d000097de8eb06200000001
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 16 KB
16 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2

Requested by

Host: turnip.exchange
URL: https://turnip.exchange/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

817f9ddf55f874b27bb1934c13b2f2b200a2854de5daf285c96f33ffdb35b3f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:400,500,700&display=swap
Origin: https://turnip.exchange

Response headers

date: Mon, 08 Jun 2020 21:29:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:17 GMT
server: sffe
age: 2556987
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16320
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:29:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 115 KB
42 KB 80ms
21ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beafdcdacf17a009b4e9b6c3a1a058c578d08c12b114127e00b9dcfc7a98b14e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 41928
x-xss-protection: 0
server: cafe
etag: 4599739206219768156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Jul 2020 11:46:23 GMT

GET
H2 200 ncmp-2017.min.js Show response
s.nitropay.com/ 363 KB
87 KB 18ms
16ms Script
text/javascript 2606:4700:10::ac43:1b35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ncmp-2017.min.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3a079f734ee2c72edc302268e6f23ca611bef4f62ec4d4209909e1593f76b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:23 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1836
x-guploader-uploadid: AAANsUnbdu_85yeh3OJGHtXU7qVVpdkCEH9u0--j8iaj6zYD11QtU8zauK5e3diPbQzbofJNz6nXoTRZgmUNLkMUDg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 03cfd8a33800001f2dbcb01200000001
last-modified: Thu, 18 Jun 2020 22:49:06 GMT
server: cloudflare
etag: W/"f4581a90e7f7cf120eeb2f4455fbb079"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=MY6qgA==, md5=9FgakOf3zxIO6y9EVfuweQ==
x-goog-generation: 1592520546278453
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 371810
cf-ray: 5af9907ecd3f1f2d-FRA
expires: Wed, 08 Jul 2020 12:15:47 GMT

GET
H2 200 analytics
tracker.nitropay.com/sites/434/ 0
0 159ms
125ms Fetch 2606:4700:10::6816:227d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.nitropay.com/sites/434/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly90dXJuaXAuZXhjaGFuZ2UvIn0%3D

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:227d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
status: 200
cf-ray: 5af9907efb6a177e-FRA
content-length: 0
cf-request-id: 03cfd8a35d0000177eb5bc9200000001

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
887 B 47ms
25ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=turnip.exchange

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jul 2020 11:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
887 B 43ms
18ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=turnip.exchange

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jul 2020 11:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 vendor-list.json Show response
s.nitropay.com/ 117 KB
18 KB 57ms
54ms XHR
application/json 2606:4700:10::6816:227d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/vendor-list.json

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ncmp-2017.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:227d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2450038329776a9895d06dae31eca94e23280f038bb7a27d7fdc4073ea54a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2854
x-guploader-uploadid: AAANsUm3vfOar2n1vYDgcU-Gkv1UvYRwuNIeZWD3IqpPB1B1vq6sdKyXyUv_mpRdYuhOp7PQv_-9E_sSs0oysWWqs70
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-type: application/json
cf-request-id: 03cfd8a40d0000177eb5be0200000001
last-modified: Thu, 02 Jul 2020 16:15:05 GMT
server: cloudflare
etag: W/"2cb06a94693a6d6ca8dc8753ec5cf56f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=6tySEQ==, md5=LLBqlGk6bWyo3IdT7Fz1bw==
x-goog-generation: 1593706505864176
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800
x-goog-stored-content-length: 119707
cf-ray: 5af990801dd8177e-FRA
expires: Wed, 15 Jul 2020 10:58:49 GMT

GET
H2 200 lang-alt.png
s.nitropay.com/assets/ 2 KB
2 KB 13ms
13ms Image
image/png 2606:4700:10::ac43:1b35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/lang-alt.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 928
x-guploader-uploadid: AAANsUkIV2ZD6hHb8alLvOjJ_2TG4kiCPBq3ckhSFgz51260fYiRYgHmsfPflCEiFC5diNXLnGd-2PjQUp_Mc7rsnw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1887
cf-request-id: 03cfd8a45300001f2dbcb09200000001
last-modified: Sun, 14 Jun 2020 01:12:51 GMT
server: cloudflare
etag: "ca072a3965f49a2c242c45d535163a53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
x-goog-generation: 1592097171393463
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1887
accept-ranges: bytes
cf-ray: 5af9908089191f2d-FRA
expires: Wed, 08 Jul 2020 12:30:55 GMT

GET
H2 200 cancel-w.png
s.nitropay.com/assets/ 1 KB
2 KB 12ms
12ms Image
image/png 2606:4700:10::ac43:1b35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/cancel-w.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 374
x-guploader-uploadid: AAANsUkaWo9oi49yY58lYg7PY2qdrOTV_Ag_7IWkar4EWYm97I3rb9GQquOSDUka8GONwrKHDE2Jtoo1am6W01Fk6A
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1302
cf-request-id: 03cfd8a45300001f2dbcb0a200000001
last-modified: Wed, 26 Sep 2018 06:50:42 GMT
server: cloudflare
etag: "c707b2d501a53bc2c66e98e4e5cabefb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
x-goog-generation: 1537944642617286
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1302
accept-ranges: bytes
cf-ray: 5af99080891b1f2d-FRA
expires: Wed, 08 Jul 2020 12:40:09 GMT

GET
H2 200 np-cmp-n2.png
s.nitropay.com/assets/ 3 KB
3 KB 14ms
13ms Image
image/png 2606:4700:10::ac43:1b35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/np-cmp-n2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3562
x-guploader-uploadid: AAANsUklmAfCcBLiLBnglmtmm20O0bv-1TcONPvEh1_rZIAMMpeMehVVuYpTeDVPv-fS86CGm9D-49N_KzyqPTs7tA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 2592
cf-request-id: 03cfd8a45300001f2dbcb0b200000001
expires: Wed, 08 Jul 2020 11:47:01 GMT
last-modified: Tue, 21 Apr 2020 13:05:46 GMT
server: cloudflare
etag: "940aa5b81e99bbb7414acc474a89bad9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
x-goog-generation: 1587474346178492
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2592
accept-ranges: bytes
cf-ray: 5af99080891d1f2d-FRA
cf-bgj: h2pri

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 207ms
72ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

243fbeed7c3cda209b94ed7efdccfe9a3eb64e4369e2e0e62db0e86d42b5c171

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 08 Jul 2020 11:46:35 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid: c29d73ef-999b-412f-b34f-d04b87354437
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://turnip.exchange
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
426 B 129ms
52ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Jul 2020 11:46:33 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://turnip.exchange
access-control-allow-credentials: true
cf-ray: 5af990c11e58f132-ARN
access-control-allow-headers: Content-Type, Origin
cf-request-id: 03cfd8ccad0000f132d7acd200000001

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 246ms
128ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 08 Jul 2020 11:46:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://turnip.exchange

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
344 B 442ms
148ms XHR
application/json 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: / 33Across
Resource Hash: 1dda8b7d033d96f7020dd26dde9bae845567600021d26542e22cfd2192c5e035

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Jul 2020 11:46:34 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://turnip.exchange
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
833 B 183ms
55ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

f367733fff878d83db220524c1efd4f2d29cba975d1012f1afa3ad70fa30a919

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 08 Jul 2020 11:46:35 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid: dcdde387-bf79-4fbb-8e7c-a27a440f5848
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://turnip.exchange
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
ggsoftware-d.openx.net/w/1.0/ 189 B
574 B 149ms
80ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ggsoftware-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fturnip.exchange%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=4abbdf3f-66fc-46d7-b1e3-e53e0a78ca7f&nocache=1594208793691&gdpr=0&us_privacy=1---&pubcid=8c0936f0-50f9-4592-8b26-8723b0a922ec&schain=1.0%2C1!nitropay.com%2C442%2C1%2C%2C%2C&aus=970x90&divIds=nitro-footer&auid=541130633&
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.189.0 /
Resource Hash: ee9fab6f6953dd5aeed4a86e93634ab125bc98fd642aad98fea9924f2a630f59

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Jul 2020 11:46:33 GMT
content-encoding: gzip
server: OXGW/16.189.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://turnip.exchange
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 177
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 show_ads_impl_exp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200706/r20190131/ 220 KB
83 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200706/r20190131/show_ads_impl_exp_fy2019.js?turnip.exchange

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb7475f5bd29059004b9d2baacba1d051974166767997fc1cfa0235a40dba4e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84840
x-xss-protection: 0
server: cafe
etag: 12810413546594282314
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jul 2020 11:46:34 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200706/r20190131/ Frame 351C 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200706/r20190131/zrt_lookup.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200706/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turnip.exchange/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkEYftNCOHMzT2C09fTRYdnCIr95ov3PC1ym5TfCHMLksuc4jZv5xp50sKV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://turnip.exchange/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 07 Jul 2020 01:51:48 GMT
expires: Tue, 21 Jul 2020 01:51:48 GMT
content-type: text/html; charset=UTF-8
etag: 4448614309292777386
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 122086
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BEFA 0
0 380ms
365ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9872233689689746&output=html&h=90&slotname=nitroadsPassbackNR&adk=3291266011&adf=1104304089&w=970&lmt=1594083252&psa=0&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=970x90&url=https%3A%2F%2Fturnip.exchange%2F&flash=0&wgl=1&adsid=NT&dt=1594208794135&bpp=9&bdt=11563&idt=56&shv=r20200706&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3607400238714&frm=20&pv=2&ga_vid=85370065.1594208794&ga_sid=1594208794&ga_hid=24907653&ga_fc=0&iag=0&icsg=34991&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=2532718384899062&pem=256&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VBOIkVGeoD&p=https%3A//turnip.exchange&dtd=79

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5958443237185055924/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5958443237185055924/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIGmhMfKveoCFU_6dwodWUMJsw&gqi=GrIFX4rXDtOArATPjqXwAw&layout=/sadbundle/%24csp%253Der3%24/5958443237185055924/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9872233689689746&output=html&h=90&slotname=nitroadsPassbackNR&adk=3291266011&adf=1104304089&w=970&lmt=1594083252&psa=0&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=970x90&url=https%3A%2F%2Fturnip.exchange%2F&flash=0&wgl=1&adsid=NT&dt=1594208794135&bpp=9&bdt=11563&idt=56&shv=r20200706&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3607400238714&frm=20&pv=2&ga_vid=85370065.1594208794&ga_sid=1594208794&ga_hid=24907653&ga_fc=0&iag=0&icsg=34991&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=2532718384899062&pem=256&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VBOIkVGeoD&p=https%3A//turnip.exchange&dtd=79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turnip.exchange/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkEYftNCOHMzT2C09fTRYdnCIr95ov3PC1ym5TfCHMLksuc4jZv5xp50sKV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://turnip.exchange/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5958443237185055924/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5958443237185055924/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIGmhMfKveoCFU_6dwodWUMJsw&gqi=GrIFX4rXDtOArATPjqXwAw&layout=/sadbundle/%24csp%253Der3%24/5958443237185055924/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 08 Jul 2020 11:46:34 GMT
server: cafe
content-length: 28932
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 58ms
18ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200706&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200706/r20190131/show_ads_impl_exp_fy2019.js?turnip.exchange

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02570c797bf70355466a5a05aa22daaf4f539bd48091615e484c274be5081e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jul 2020 11:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5661
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eb3806dc8507c221e384aa124ebca7865a91d9cd30b99d9c236dbd05f6b2b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594034879209841"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27675
x-xss-protection: 0
expires: Wed, 08 Jul 2020 11:46:34 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0992 0
0 17ms
17ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9872233689689746&output=html&adk=1812271804&adf=3025194257&lmt=1594083252&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=0x0&url=https%3A%2F%2Fturnip.exchange%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1594208794144&bpp=3&bdt=11572&idt=84&shv=r20200706&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&nras=1&correlator=3607400238714&frm=20&pv=1&ga_vid=85370065.1594208794&ga_sid=1594208794&ga_hid=24907653&ga_fc=0&iag=0&icsg=166063&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=2532718384899062&pem=256&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=116

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9872233689689746&output=html&adk=1812271804&adf=3025194257&lmt=1594083252&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&us_privacy=1---&format=0x0&url=https%3A%2F%2Fturnip.exchange%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1594208794144&bpp=3&bdt=11572&idt=84&shv=r20200706&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&nras=1&correlator=3607400238714&frm=20&pv=1&ga_vid=85370065.1594208794&ga_sid=1594208794&ga_hid=24907653&ga_fc=0&iag=0&icsg=166063&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=2532718384899062&pem=256&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=116
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turnip.exchange/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkEYftNCOHMzT2C09fTRYdnCIr95ov3PC1ym5TfCHMLksuc4jZv5xp50sKV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://turnip.exchange/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 08 Jul 2020 11:46:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 11:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Wed, 08 Jul 2020 11:46:34 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5F53 0
0 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-434.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://turnip.exchange/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://turnip.exchange/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Wed, 08 Jul 2020 11:05:51 GMT
expires: Thu, 08 Jul 2021 11:05:51 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2443
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
120 B 44ms
38ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200706&jk=2532718384899062&bg=!09Cl0MhYPJqq_Wwvu2MCAAAAVlIAAAATmQGAB2OK26PyAJr06N4FggJrSNttWeIL8NtK2NlFVCYJrZeNljSY-iKpSItLq7R_dYSkerFGnvn6GJyb9P51OHdyC9EqYY6PEuPi-CjFvKXVlG-yDZMEJldUXEdxkffgF-qawRzPzaJgfEHV7VcoBKrK7sdVct8TCvDGHJz_eVgvo1l9jFCh5_yj6nMHh-JU2_xkP8zIk-N8pEHKOKnBfxAL-HJ8okQZCUKyo2iZskiXq4ss5sQ3LZ1JQxpWQ2W7EKejbSMbPID9GRLNHlsKJvodgAMT5yXE1RCaNxij8omC6rIQo8ougEvzjT3hViUyRellK8yHAusmdTvaGe1obfWi8I7FBrMtDh5J5_Gxs9x8oMmJX2WKBbBNkqzPsc2FdXkPaZlD6brtpJ0WRGcYKHniRhz5g1hoth80Pn3vviYlqnezbERV1mVVDGFvgQoqvuY6EMIn0IdBDTpYs1NsE5BzDk0W8VKFNjnhG9gQ7W29ZgAZqvOqkTUIdx0_J56KFrO4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turnip.exchange/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jul 2020 11:46:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.turnip.exchange/	1970-01-19 11:33:20	Name: __cfduid Value: deb35ade5aa2626f5198c3eef47afa5361594208782

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://s.nitropay.com/ads-434.js(Line 1) Message: NitroAds: Loaded. Version: 20200624-2dbc3b9, Geo: DE Timeout: 2000.
console-api	info	URL: https://s.nitropay.com/ads-434.js(Line 1) Message: NitroAds: Ad Unit: nitro-footer, display, 3a9c095b-8329-4e2a-8f4a-ab162b45a129

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
dmx.districtm.io
fonts.googleapis.com
fonts.gstatic.com
ggsoftware-d.openx.net
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
pagead2.googlesyndication.com
s.nitropay.com
ssc.33across.com
tpc.googlesyndication.com
tracker.nitropay.com
turnip.exchange
www.googletagservices.com
104.16.68.69
185.33.221.53
185.64.189.112
2606:4700:10::6816:227d
2606:4700:10::ac43:1b35
2606:4700:20::ac43:4728
2a00:1450:4001:801::2001
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:816::2003
2a00:1450:4001:817::2002
2a00:1450:4001:81b::2002
35.244.159.8
67.202.110.21
02570c797bf70355466a5a05aa22daaf4f539bd48091615e484c274be5081e36
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
17395d6c85f80a5b30230ca59f3bc865f835cf9b9e92f9160289b92a2090d6f2
1be81e61d94d540d17b03df53c65caf23903836f31c0936ba903a6859367b7ea
1dda8b7d033d96f7020dd26dde9bae845567600021d26542e22cfd2192c5e035
1f63d3b4932e21a7791b5617f3a527c891e3be270ed7bd462f028df892d0eafe
243fbeed7c3cda209b94ed7efdccfe9a3eb64e4369e2e0e62db0e86d42b5c171
24bb1f2567777a448f5f731a41bb9f9f16d5b7f0d557caa0e73f7b1eb36511aa
2af53bbba5c57d78d1ae2f0584f6277c5644fe5d6838542678c0c9383bc17246
2c3a079f734ee2c72edc302268e6f23ca611bef4f62ec4d4209909e1593f76b3
2f9bdbe65fb185f445f96bbbf0863240449ff5954448cddf00460db76779992d
331ec3645a55f091d911530da5d3dab7f127240da99c69975153709f1646ca20
405abba7e89b3c2871eb5865e06cfbc8cc27feb8636bb8079d254bcf9fd2e04c
49e599db358ac486670c1bc1f7f3ff8390f3dfbd6282da3869f7a9d50ce5b861
6b6883624114f545868cdf1e3d2fae80d9b9749a1d55538f1ab1115f3daf984d
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
7eb3806dc8507c221e384aa124ebca7865a91d9cd30b99d9c236dbd05f6b2b2c
817f9ddf55f874b27bb1934c13b2f2b200a2854de5daf285c96f33ffdb35b3f3
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
9ade6539cbb131eb1d95d95aec6e77ce4a95119597bf6e51cf5bb2039a912cf6
af21b06ba2b4c1b84e378bfaa696409a91abeba81129449f907202f643655545
b2450038329776a9895d06dae31eca94e23280f038bb7a27d7fdc4073ea54a8f
bb7475f5bd29059004b9d2baacba1d051974166767997fc1cfa0235a40dba4e6
beafdcdacf17a009b4e9b6c3a1a058c578d08c12b114127e00b9dcfc7a98b14e
c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815
df3621033f43a931055efbba6361a584067edc75a1d2fa792d89c1f522ba6531
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a85581b3b3de6ce76cc7d6b17f34de992f95e03a1bd42ccaab56a428f9f7fc
e93e0f5dc61ee9c07bd0056b3a57d7c3e8b09020c350b688a6a5fbc09e7fff59
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ee9fab6f6953dd5aeed4a86e93634ab125bc98fd642aad98fea9924f2a630f59
f367733fff878d83db220524c1efd4f2d29cba975d1012f1afa3ad70fa30a919
fda6792b3a9849b1a417a82049e7fcc600b05ccc4617146d121443a50bca5efd

turnip.exchange Open in urlscan Pro 2606:4700:20::ac43:4728 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

64 %IPv6

14 Domains

16 Subdomains

15 IPs

4 Countries

872 kBTransfer

2578 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

turnip.exchange Open in urlscan Pro
2606:4700:20::ac43:4728 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

64 %
IPv6

14
Domains

16
Subdomains

15
IPs

4
Countries

872 kB
Transfer

2578 kB
Size

1
Cookies

49 HTTP transactions
3 data transactions