s1.turoktvcom.lol
193.124.129.109 Public Scan Open in urlscan Pro

Software

sffe /

Resource Hash

a8824b32c20407f3e05b353ffe9b606670ff4fe88574afcbee6b02e31eab7fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 357762
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 26 Apr 2027 04:07:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 26 Apr 2026 04:07:05 GMT
last-modified: Tue, 09 Sep 2025 18:58:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18128
x-xss-protection: 0
server: sffe

GET
H2 200 fa-light-300.woff2
s1.turoktvcom.lol/templates/turkrucom/webfonts/ 181 KB
181 KB 219ms
218ms Font
font/woff2 193.124.129.109
VDSINA-AS Hosting...

General

Check archive.org

Download Go to

Full URL: https://s1.turoktvcom.lol/templates/turkrucom/webfonts/fa-light-300.woff2
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/templates/turkrucom/css/engine.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.124.129.109 Moscow, Russian Federation, ASN48282 (VDSINA-AS Hosting technology LTD, RU),
Reverse DNS: v3096303.hosted-by-vdsina.ru
Software: nginx /
Resource Hash: 2dc0e215dc2374fc5cdacf24707fabeabc2e4193e12ec9c0203ac9a52a5daf3e

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/templates/turkrucom/css/engine.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=315360000
etag: "68391f1e-2d410"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 185360
date: Thu, 30 Apr 2026 07:29:47 GMT
content-type: font/woff2
last-modified: Fri, 30 May 2025 02:59:42 GMT
server: nginx

GET
H2 200 fa-solid-900.woff2
s1.turoktvcom.lol/templates/turkrucom/webfonts/ 134 KB
135 KB 243ms
242ms Font
font/woff2 193.124.129.109
VDSINA-AS Hosting...

General

Check archive.org

Download Go to

Full URL: https://s1.turoktvcom.lol/templates/turkrucom/webfonts/fa-solid-900.woff2
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/templates/turkrucom/css/engine.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.124.129.109 Moscow, Russian Federation, ASN48282 (VDSINA-AS Hosting technology LTD, RU),
Reverse DNS: v3096303.hosted-by-vdsina.ru
Software: nginx /
Resource Hash: 68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/templates/turkrucom/css/engine.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=315360000
etag: "68391f20-219e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 137704
date: Thu, 30 Apr 2026 07:29:47 GMT
content-type: font/woff2
last-modified: Fri, 30 May 2025 02:59:44 GMT
server: nginx

GET
H3 200 6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v21/ 18 KB
18 KB 177ms
85ms Font
font/woff2 192.178.183.94
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/play/v21/6ae84K2oVqwItm4TCpAy2g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.183.94 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d539e6e7c0240f1565b1156395d914d93200b2c3ba312809813bb6ca6f96578b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 372048
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 26 Apr 2027 00:08:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 26 Apr 2026 00:08:59 GMT
last-modified: Tue, 09 Sep 2025 19:04:00 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18156
x-xss-protection: 0
server: sffe

GET
H3 200 6aez4K2oVqwIvtE2H68T.woff2
fonts.gstatic.com/s/play/v21/ 9 KB
9 KB 181ms
89ms Font
font/woff2 192.178.183.94
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/play/v21/6aez4K2oVqwIvtE2H68T.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.183.94 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0599b725423fcbeac02aa9c108d13e650c1d519496c8705b874abc1a30b213fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 364918
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 26 Apr 2027 02:07:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 26 Apr 2026 02:07:49 GMT
last-modified: Tue, 09 Sep 2025 18:58:18 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9572
x-xss-protection: 0
server: sffe

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 244 KB
90 KB 654ms
205ms Script
application/javascript 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js?id=108548868

Requested by

Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

cdn-185-199-111-153.github.com

Software

Resource Hash

ca9a12c747eb941ae3dc46acda31a805d4b4586ff818116034bda5a798ea7691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: W/"ca9a12c747eb941ae3dc46acda31a805d4b4586ff818116034bda5a798ea7691"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 30 Apr 2026 08:29:47 GMT
access-control-allow-origin: *
date: Thu, 30 Apr 2026 07:29:47 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 quebec Show response
code.moviead55.ru/ 2 B
168 B 463ms
129ms Fetch
text/html 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://code.moviead55.ru/quebec?rnd=1777534187202
Requested by: Host: vak345.com
URL: https://vak345.com/s.js?v=02aaceb3f3c05eb335337785785d6573
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: 169b032adf2ab80f3bdffbdf14358d9d72565fad7708f65c65cb4d7918a4ffb2

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://s1.turoktvcom.lol
alt-svc: h3=":443"; ma=86400
content-length: 2
date: Thu, 30 Apr 2026 07:29:47 GMT
content-type: text/html;charset=UTF-8
vary: Origin
server: nginx
x-movieads-country: PT

GET
H2 200 script.js Show response
trplayerdomain.github.io/ 492 B
447 B 332ms
332ms Script
application/javascript 185.199.111.153
Fastly

General

Check archive.org

Download Go to

Full URL

https://trplayerdomain.github.io/script.js?0.8744981958120663

Requested by

Host: trplayerdomain.github.io
URL: https://trplayerdomain.github.io/boot.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

GitHub.com /

Resource Hash

638330ee709dca1d7a0513768aacf527223ec9e2e98bbdfcd38eaa8d55819e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-fastly-request-id: 0a9518b6f0e44e7cff45d607c891a3b2161e3f74
content-encoding: gzip
etag: W/"69a9e260-1ec"
age: 0
x-github-request-id: 44B4:2ADB96:10CFF04A:10F86FDB:69F304EB
expires: Thu, 30 Apr 2026 07:39:47 GMT
x-proxy-cache: MISS
x-cache: MISS
date: Thu, 30 Apr 2026 07:29:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 05 Mar 2026 20:06:56 GMT
x-served-by: cache-lis1490053-LIS
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31556952
cache-control: max-age=600
x-timer: S1777534187.253093,VS0,VE285
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 296
server: GitHub.com

GET
H3 200 6ae84K2oVqwItm4TCpQy2knT.woff2
fonts.gstatic.com/s/play/v21/ 9 KB
9 KB 86ms
85ms Font
font/woff2 192.178.183.94
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/play/v21/6ae84K2oVqwItm4TCpQy2knT.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.183.94 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aaad4322e79227dd131106e0504d1dee78b530f05af5278bbf36db348358f8db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 357720
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 26 Apr 2027 04:07:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 26 Apr 2026 04:07:47 GMT
last-modified: Tue, 09 Sep 2025 19:04:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9480
x-xss-protection: 0
server: sffe

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 381 KB
101 KB 401ms
138ms Script
text/javascript 77.88.55.88
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: cdn.adfinity.pro
URL: https://cdn.adfinity.pro/code/7486/adfinity.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

a07a627c227a492832d6e7c63307f02c3374e7aa02f5d097499f48e25a636656

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1777534187835993-7094870782707859912-balancer-l7leveler-kubr-yp-sas-67-BAL
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
content-encoding: br
cache-control: private, max-age=3600
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
etag: "8fcd45bc5a60d9e51c6b9d9b7e2dcc21-1304851"
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 30 Apr 2026 08:29:47 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 133 KB
38 KB 399ms
136ms Script
text/javascript 77.88.55.88
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: cdn.adfinity.pro
URL: https://cdn.adfinity.pro/code/7486/adfinity.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

d6fa67b90ef928e5ac60dfb67be75a9bf82e0c7f70a3c328cd667f5b0d8d7ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1777534187835395-8430636311045167028-balancer-l7leveler-kubr-yp-sas-67-BAL
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
content-encoding: br
cache-control: private, max-age=3600
etag: "4f85131359c462f8affa7490a33dce10-1304863"
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 30 Apr 2026 08:29:47 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

GET
H2 200 adfinity.css
cdn.adfinity.pro/code/css/ 12 KB
3 KB 115ms
115ms Stylesheet
text/css 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL: https://cdn.adfinity.pro/code/css/adfinity.css
Requested by: Host: cdn.adfinity.pro
URL: https://cdn.adfinity.pro/code/7486/adfinity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: a2550bce070763ea1eb0f337e7f7a3daf9a9c38945115171df5be323f21cacfa

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache: HIT
access-control-expose-headers: X-Country-Code
content-encoding: gzip
etag: W/"69f1f8d9-31a6"
access-control-allow-methods: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-country-code: PT
date: Thu, 30 Apr 2026 07:29:47 GMT
last-modified: Wed, 29 Apr 2026 12:26:01 GMT
content-type: text/css
vary: Accept-Encoding
x-node: blm-up-gc142
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-origin: *
x-cached-since: 2026-04-30T01:30:48+00:00
server: nginx

GET
H2 200 202604301029.js Show response
vak345.com/csn/ 114 KB
38 KB 135ms
135ms Script
text/javascript 87.242.110.168
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://vak345.com/csn/202604301029.js?v=02aaceb3f3c05eb335337785785d6573&_t=1777534187201.201&retry=1&rnd=1777534187666
Requested by: Host: vak345.com
URL: https://vak345.com/s.js?v=02aaceb3f3c05eb335337785785d6573
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.242.110.168 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2dbd0817c4a85d907d0afa7e68c455981023ca448c5a112bfee159fbfc769569

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-host: nginx6
content-encoding: gzip
x-skyadvert-udata: cache,parsed,515036
server-timing: udata;dur=0.0000, country_accepts;dur=0.0000, config;dur=0.0000, tpl_transform;dur=0.0000, tpl_get;dur=0.0000, APP;dur=1.0000, cache;dur=0.0000, keyManager;dur=0.0000, dataArr;dur=0.0000, tpl_replace;dur=0.0000, key_checks;dur=0.0000
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:47 GMT
x-build: fc35a210
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
server: nginx
x-movieads-country: PT

GET
H2 204 logger
logger.moviead55.ru/ 0
102 B 385ms
127ms Image
text/plain 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://logger.moviead55.ru/logger?t=target_country_load&c=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&a=&m=%7B%22browser%22%3A%22%7B%5C%22name%5C%22%3A%5C%22chrome%5C%22%2C%5C%22version%5C%22%3A%5C%22147%5C%22%7D%22%2C%22isMobile%22%3Afalse%2C%22format%22%3A%22new%22%2C%22time%22%3A677%7D&v=02aaceb3f3c05eb335337785785d6573&o=%7B%7D
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-logger-tdb: skyadvert
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:48 GMT
x-movieads-country: PT
server: nginx

GET
H2 200 sf.html Show response
user91471.clients-cdnnow.ru/mp_dist/td/ Frame AC95 2 KB
1 KB 389ms
127ms Document
text/html 185.40.155.13
CDNNOW-AS Cluster...

General

Check archive.org

Download Go to

Full URL: https://user91471.clients-cdnnow.ru/mp_dist/td/sf.html
Requested by: Host: vak345.com
URL: https://vak345.com/csn/202604301029.js?v=02aaceb3f3c05eb335337785785d6573&_t=1777534187201.201&retry=1&rnd=1777534187666
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS Cluster LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf006e33df6b5da4b3aa79291c20c0017a8be950af2e79eeb781a7e6101abea5

Request headers

Referer: https://s1.turoktvcom.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 30 Apr 2026 07:29:48 GMT
etag: W/"69f1f51c-8d8"
last-modified: Wed, 29 Apr 2026 12:10:04 GMT
server: nginx
vary: Accept-Encoding
x-edge-cache: HIT
x-edge-ip: 172.19.25.31
x-movieads-country: US

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?scid=ebb3c7b4-f94e-5d77-8488-9f0318820997&cid=108548868
https://mc.yandex.ru/sync_cookie_image_start?cid=108548868&redirect_domain=mc.yandex.com&scid=ebb3c7b4-f94e-5d77-8488-9f0318820997&token=11017.Mtj8PX7gdxRPtbMVPgZ7xCQrKBI8Fs-JRgDhG_LVv8fGrC__tnUjr-...
https://mc.yandex.com/sync_cookie_image_decide?cid=108548868&scid=ebb3c7b4-f94e-5d77-8488-9f0318820997&token=11017.dz9rwlA968mahH4ZyE861ZZh_ewBa15Ffz_KokDDDgWSXA5LvLjHwLLmcspftktZwFnKEPzq_X3K9N7wZ5...

43 B
481 B

128ms
128ms

Image
image/gif

87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?cid=108548868&scid=ebb3c7b4-f94e-5d77-8488-9f0318820997&token=11017.dz9rwlA968mahH4ZyE861ZZh_ewBa15Ffz_KokDDDgWSXA5LvLjHwLLmcspftktZwFnKEPzq_X3K9N7wZ5oMHXAMfvmCEbG6x1cEfnMB6aA3TcqtFmFHZX0S2xxYrlw24018aUaZrtVY3fyZmmKQMXFU3Wgn1YGpBDd1CUJaYDjTb8bXiU9Op8eUwkz2wxnUDEuH_60qtVISHsixL06p90gZtIHT4Umqtwfa0xWIpeo%2C.2ObRA8ql4ugDM0fu14qvz4GGsGQ%2C

Requested by

Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
location: https://mc.yandex.com/sync_cookie_image_decide?cid=108548868&scid=ebb3c7b4-f94e-5d77-8488-9f0318820997&token=11017.dz9rwlA968mahH4ZyE861ZZh_ewBa15Ffz_KokDDDgWSXA5LvLjHwLLmcspftktZwFnKEPzq_X3K9N7wZ5oMHXAMfvmCEbG6x1cEfnMB6aA3TcqtFmFHZX0S2xxYrlw24018aUaZrtVY3fyZmmKQMXFU3Wgn1YGpBDd1CUJaYDjTb8bXiU9Op8eUwkz2wxnUDEuH_60qtVISHsixL06p90gZtIHT4Umqtwfa0xWIpeo%2C.2ObRA8ql4ugDM0fu14qvz4GGsGQ%2C

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
148 B 126ms
126ms Image
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=gdpr(14)ti(4)

Requested by

Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

matchid-production.adfox.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "69becf8a-2b"
expires: Thu, 30 Apr 2026 08:29:47 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Thu, 30 Apr 2026 07:29:47 GMT
content-type: image/gif
last-modified: Sat, 21 Mar 2026 17:04:10 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
276 B 401ms
130ms XHR
application/json 93.158.134.118
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

93.158.134.118 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

f9df18d50016ba53318dcf2de4ee811a5a82c308911cf98d9c34d06c243c5034

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://s1.turoktvcom.lol
timing-allow-origin: *
content-length: 88
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: application/json
access-control-allow-credentials: true
x-content-type-options: nosniff

GET
H2 200 fe40735d85f20412.js Show response
yastatic.net/partner-code-bundles/1304863/ 39 KB
12 KB 417ms
242ms Script
text/javascript 37.9.64.225
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1304863/fe40735d85f20412.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

d8db8257aaef044c103a936e378edb983a23fb2ce8ff81d2c1634b3047783f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-request-id: ebc1b06f1f807d98
content-encoding: br
etag: "253b78327221f9b7eadcdaf3504f8f95"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sat, 29 Apr 2056 13:59:26 GMT
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 29 Apr 2026 15:50:56 GMT
cache-host: cloudcdn-ams-07.cdn.yandex.net
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
cache-control: public, max-age=946708560
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11517
x-strm-log-split: 1
cache-status: HIT
server: nginx

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
278 B 387ms
122ms XHR
text/plain 94.139.250.243
YACLOUDBMS Yandex...

General

Check archive.org

Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.139.250.243 Asbest, Russian Federation, ASN210656 (YACLOUDBMS Yandex.Cloud LLC, RU),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 11
date: Thu, 30 Apr 2026 07:29:47 GMT
content-type: text/plain; charset=utf-8
vary: Origin
access-control-allow-credentials: true

POST
H2 200 adfoxhb Show response
ssp-rtb.sape.ru/ 11 B
330 B 406ms
136ms XHR
application/json 193.3.184.91
QWARTA QWARTA LLC

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/adfoxhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.91 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 11
accept-encoding: gzip, zstd, identity
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: application/json
server: openresty

POST
H/1.1 200
OK adfox Show response
kimberlite.io/rtb/bid/hb/ 11 B
374 B 426ms
167ms XHR
text/plain 37.0.127.86
NETRACK-AS Start2...

General

Check archive.org

Download Go to

Full URL: https://kimberlite.io/rtb/bid/hb/adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.0.127.86 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: s17.kimberlie.io
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://s1.turoktvcom.lol
server-timing: app;srv=s25;dur=0.0043
Content-Length: 11
Date: Thu, 30 Apr 2026 07:29:48 GMT
Server: nginx
Connection: keep-alive
access-control-allow-credentials: true

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
324 B 371ms
130ms XHR
text/plain 195.209.109.142
ADRIVER LLC AdRiver

General

Check archive.org

Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.209.109.142 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: https://s1.turoktvcom.lol
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:48 GMT

POST
H3 204 auction Show response
pbs.alfasense.com/yandex/ 0
612 B 188ms
121ms XHR
text/plain 188.114.97.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://pbs.alfasense.com/yandex/auction
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

x-bid: d7pg9r1gv6k2htu2ndbg
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
x-error: empty targeted bids
cf-ray: 9f44d663dbf2344b-MAD
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=C7ak2SpnH%2B6yndP9RM9yKXUgJaETHfaf4dyQNR0%2FzdUNzaG03aDeBKZe2bNCC2vtUpjce6C0wDtc08f23L5angy7RQvUYTZUSempHbzYINwBIfWkLgKIfzH0wkHJBrayvKF7LQ%3D%3D"}]}
access-control-allow-origin: https://s1.turoktvcom.lol
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 30 Apr 2026 07:29:48 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT

POST
H/1.1 200
OK bids Show response
ssp.al-adtech.com/api/adfox/ 11 B
275 B 398ms
132ms XHR
application/json 45.139.25.121
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to

Full URL: https://ssp.al-adtech.com/api/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.139.25.121 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s1.turoktvcom.lol
Content-Length: 11
Date: Thu, 30 Apr 2026 07:29:48 GMT
Content-Type: application/json
Vary: Origin
Server: nginx/1.20.1

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
334 B

128ms
128ms

XHR
text/plain

45.138.161.89
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H2
Server: 45.138.161.89 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

serverid: TODO
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 11
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match

Redirect headers

serverid: TODO
access-control-expose-headers: Set-Cookie, Etag
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-allow-credentials: true
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 0
date: Thu, 30 Apr 2026 07:29:48 GMT
server: nginx
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match

POST
H/1.1 200
OK / Show response
hb.bumlam.com/yandex/ 11 B
269 B 325ms
147ms XHR
application/json 31.172.81.160
DE-FIRSTCOLO firs...

General

Check archive.org

Download Go to

Full URL: https://hb.bumlam.com/yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

Access-Control-Allow-Origin: https://s1.turoktvcom.lol
Content-Length: 11
Date: Thu, 30 Apr 2026 07:29:48 GMT
Content-Type: application/json; charset=utf-8
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
898 B 372ms
198ms XHR
application/json 188.42.189.231
Servers.com

General

Check archive.org

Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM - Servers.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://s1.turoktvcom.lol
content-encoding: gzip
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true

GET
H2 200 /
acint.net/cmatch/ 43 B
342 B 382ms
124ms Image
image/gif 193.3.184.76
QWARTA QWARTA LLC

General

Check archive.org

Download Go to Show image

Full URL: https://acint.net/cmatch/?dp=14&pi=1628885
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.76 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

GET
H2

200

sync
a.sportradarserving.com/
Redirect Chain

https://ads.betweendigital.com/sspmatch?p=42565&r=${CACHEBUSTER1}
https://ads.betweendigital.com/sspmatch?p=42565&r=${CACHEBUSTER1}&crf=1&rts=-5284614412511329316
https://x.bidswitch.net/sync?ssp=between&uid=48a50264-f611-5278-8925-b2d7e0d6b63b&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D...
https://x.bidswitch.net/ul_cb/sync?ssp=between&uid=48a50264-f611-5278-8925-b2d7e0d6b63b&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&gdpr=0&gdpr_consent=

43 B
164 B

332ms
91ms

Image
image/gif

35.214.183.184
Google LLC

General

Check archive.org

Download Go to Show image

Full URL: https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&gdpr=0&gdpr_consent=
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H2
Server: 35.214.183.184 Groningen, Netherlands, ASN19527 (GOOGLE-2 - Google LLC, US),
Reverse DNS: 184.183.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000
content-length: 43
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: image/gif

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: //a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&gdpr=0&gdpr_consent=
content-length: 0
alt-svc: h3=":443"; ma=2592000
date: Thu, 30 Apr 2026 07:29:48 GMT

GET
H2 200 libs-b3f8aa7d.js Show response
yastatic.net/partner-code-bundles/libs/ 9 KB
4 KB 171ms
145ms Script
text/javascript 37.9.64.225
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yastatic.net/partner-code-bundles/libs/libs-b3f8aa7d.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

b370e738d148cee40305e9bb53a2a8ab7337f7c2fea0b33388dfb8ec32997df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-request-id: 62eec42119327f80
content-encoding: br
etag: "28da4b584da2cf67755881ebbcf6d298"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sat, 29 Apr 2056 13:39:22 GMT
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 20 Apr 2026 15:11:46 GMT
cache-host: cloudcdn-ams-07.cdn.yandex.net
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3884
x-strm-log-split: 5
cache-status: HIT
server: nginx

GET
H2 200 d2c232fa3ed7bf20.js Show response
yastatic.net/partner-code-bundles/1304851/ 4 KB
2 KB 173ms
147ms Script
text/javascript 37.9.64.225
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1304851/d2c232fa3ed7bf20.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

ca39b72b99bdeaaf23f540cfd38a7da7f0e4316d6464a7ed83e21fa936a212e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-request-id: 01f632dc97afb86e
content-encoding: br
etag: "45c52b14d027dd24aa31e7e58147876e"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sat, 29 Apr 2056 13:59:11 GMT
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 29 Apr 2026 15:30:29 GMT
vary: Accept-Encoding
cache-host: cloudcdn-ams-07.cdn.yandex.net
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
cache-control: public, max-age=946708560
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1765
x-strm-log-split: 4
cache-status: HIT
server: nginx

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 153ms
128ms Font
font/woff2 37.9.64.225
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-request-id: c030d6443f751de7
etag: "7f0cdaf91230f9789ca4162aedff612e"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Fri, 30 Apr 2027 13:16:26 GMT
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: font/woff2
vary: Accept-Encoding
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
cache-host: cloudcdn-ams-07.cdn.yandex.net
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
cache-control: public, max-age=31556952
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: d50ea7396023ca93
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26004
x-strm-log-split: 2
cache-status: HIT
server: nginx

GET
H2 200 4c76b132c0f812d9.js Show response
yastatic.net/partner-code-bundles/1304851/ 664 KB
130 KB 190ms
172ms Script
text/javascript 37.9.64.225
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1304851/4c76b132c0f812d9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

c4c869d52f980173ae79cb2d3885be720131989fc13399a757fc40b65079bf52

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-request-id: 0acc60940849e0c6
content-encoding: br
etag: "68bde03ac39d2d0a4a020d69de3add9f"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sat, 29 Apr 2056 13:59:11 GMT
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 29 Apr 2026 15:30:28 GMT
cache-host: cloudcdn-ams-07.cdn.yandex.net
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
access-control-allow-origin: *
content-length: 132784
x-strm-log-split: 8
cache-status: HIT
server: nginx

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 174ms
156ms Script
text/javascript 37.9.64.225
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-request-id: fd4e02ea546b3ecc
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sat, 29 Apr 2056 14:03:13 GMT
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
cache-host: cloudcdn-ams-07.cdn.yandex.net
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8878
x-strm-log-split: 6
cache-status: HIT
server: nginx

GET
H2 200 6d5f46a0ef8021a1.js Show response
yastatic.net/partner-code-bundles/1304851/ 157 KB
32 KB 232ms
231ms Script
text/javascript 37.9.64.225
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1304851/6d5f46a0ef8021a1.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

b06fba0d50418c78deb5e1d9a4a759a838c0380a446cfb944f78a860e2b74a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-request-id: 789992863c9d06eb
content-encoding: br
etag: "1d01d5937e7c5fb9e9e7c7dc2fc1b7b7"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sat, 29 Apr 2056 13:59:11 GMT
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 29 Apr 2026 15:30:28 GMT
vary: Accept-Encoding
cache-host: cloudcdn-ams-07.cdn.yandex.net
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32478
x-strm-log-split: 6
cache-status: HIT
server: nginx

GET
H3 200 madstyle.css
code.moviead55.ru/ 195 B
489 B 247ms
123ms Stylesheet
text/css 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://code.moviead55.ru/madstyle.css
Requested by: Host: vak345.com
URL: https://vak345.com/csn/202604301029.js?v=02aaceb3f3c05eb335337785785d6573&_t=1777534187201.201&retry=1&rnd=1777534187666
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: c68a9ed3d21bc3dc8e95d7f3bef86de0fd7033263e2fd60dfe8128e7e73bb5e3

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-max-age: 86400
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
access-control-expose-headers: *
content-encoding: gzip
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: text/css;charset=UTF-8
vary: accept-encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
x-movieads-country: PT

GET
H2

200

1 Show response
mc.yandex.com/watch/108548868/
Redirect Chain

https://mc.yandex.com/watch/108548868?wmode=7&page-url=https%3A%2F%2Fs1.turoktvcom.lol%2F&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.B...
https://mc.yandex.com/watch/108548868/1?wmode=7&page-url=https%3A%2F%2Fs1.turoktvcom.lol%2F&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A...

709 B
1 KB

132ms
132ms

Fetch
application/json

87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/108548868/1?wmode=7&page-url=https%3A%2F%2Fs1.turoktvcom.lol%2F&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3Afx7u6d3xcvwvlb6j92kblsugezhej%3Afu%3A0%3Aen%3Autf-8%3Ala%3Apt-PT%3Av%3A2482%3Acn%3A1%3Adp%3A0%3Als%3A523969201647%3Ahid%3A676719071%3Az%3A0%3Ai%3A20260430072947%3Aet%3A1777534188%3Ac%3A1%3Arn%3A21533479%3Arqn%3A1%3Au%3A1777534188424720601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1276%3Awv%3A2%3Ads%3A63%2C245%2C213%2C9%2C436%2C0%2C%2C438%2C14%2C%2C%2C%2C1477%3Aco%3A0%3Acpf%3A1%3Ans%3A1777534185832%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777534188%3At%3A%D0%A2%D1%83%D1%80%D0%BA%D0%A0%D1%83%20%E2%80%94%20%D0%9D%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%20%D0%BF%D0%BE%D0%BF%D1%83%D0%BB%D1%8F%D1%80%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D0%B5%D1%86%D0%BA%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%21&t=clt%28830%29gdpr%2814%29clc%280-0-0%29rqnt%281%29rfs%281%29ufs%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842275364%29ti%281%29

Requested by

Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

44c3980d56019e9be9a8123e40289aa7de61719e13c8dee035de0bf4aea10c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Thu, 30-Apr-2026 07:29:48 GMT
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 709
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
last-modified: Thu, 30-Apr-2026 07:29:48 GMT

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/108548868/1?wmode=7&page-url=https%3A%2F%2Fs1.turoktvcom.lol%2F&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3Afx7u6d3xcvwvlb6j92kblsugezhej%3Afu%3A0%3Aen%3Autf-8%3Ala%3Apt-PT%3Av%3A2482%3Acn%3A1%3Adp%3A0%3Als%3A523969201647%3Ahid%3A676719071%3Az%3A0%3Ai%3A20260430072947%3Aet%3A1777534188%3Ac%3A1%3Arn%3A21533479%3Arqn%3A1%3Au%3A1777534188424720601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1276%3Awv%3A2%3Ads%3A63%2C245%2C213%2C9%2C436%2C0%2C%2C438%2C14%2C%2C%2C%2C1477%3Aco%3A0%3Acpf%3A1%3Ans%3A1777534185832%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777534188%3At%3A%D0%A2%D1%83%D1%80%D0%BA%D0%A0%D1%83%20%E2%80%94%20%D0%9D%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%20%D0%BF%D0%BE%D0%BF%D1%83%D0%BB%D1%8F%D1%80%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D0%B5%D1%86%D0%BA%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%21&t=clt%28830%29gdpr%2814%29clc%280-0-0%29rqnt%281%29rfs%281%29ufs%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842275364%29ti%281%29
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 30-Apr-2026 07:29:48 GMT
access-control-allow-origin: https://s1.turoktvcom.lol
x-xss-protection: 1; mode=block
last-modified: Thu, 30-Apr-2026 07:29:48 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/389280/getBulk/ 170 B
805 B 301ms
299ms XHR
application/json 77.88.55.88
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.ru/ads/adfox/389280/getBulk/v2?pr=4177928059&pr1=936012130&dl=https%3A%2F%2Fturoktvcom.lol&prr=&extid_loader=MTc3NzUzNDE4ODQyNDcyMDYwMQ%3D%3D&extid_tag_loader=s1.turoktvcom.lol&fa=&date=2026-04-30T07%3A29%3A48.557%2B00%3A00&pd=30&pw=4&pv=7&pdw=1600&pdh=1200&ylv=0.1304851&ybv=0.1304851&ytt=151182848819205&is-turbo=0&skip-token=&ad-session-id=503341777534188569&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A273%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A600%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1051%2C%22top%22%3A1200%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&pcode-version=1304851&yaru=true&p2=jifh&pp=bwdx&ps=mkqd&ld=https%3A%2F%2Fturoktvcom.lol&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6Im90bSIsImNhbXBhaWduX2lkIjoxNjk4MDIyLCJyZXNwb25zZV90aW1lIjozODksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxNDk2NDQifSx7ImJpZGRlck5hbWUiOiJzYXBlIiwiY2FtcGFpZ25faWQiOjE2OTgwMjUsInJlc3BvbnNlX3RpbWUiOjQwOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEwNjczNDcifSx7ImJpZGRlck5hbWUiOiJzb2x0YSIsImNhbXBhaWduX2lkIjoyNzI0MTM4LCJyZXNwb25zZV90aW1lIjo0NDIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2Ny1HbDJTZCJ9LHsiYmlkZGVyTmFtZSI6ImFkcml2ZXIiLCJjYW1wYWlnbl9pZCI6MTY5ODAyNCwicmVzcG9uc2VfdGltZSI6Mzc0LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiOTk6dHVyb2t0dmNvbS5sb2xfMzAweDYwMF9EX1NpZGViYXJfMSJ9LHsiYmlkZGVyTmFtZSI6ImFsZmFzZW5zZSIsImNhbXBhaWduX2lkIjozMTcwNTE0LCJyZXNwb25zZV90aW1lIjoxOTEsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiIxMjIzODgifSx7ImJpZGRlck5hbWUiOiJhc3RyYWxhYiIsImNhbXBhaWduX2lkIjoyMjkyOTEwLCJyZXNwb25zZV90aW1lIjo0MDEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2OWQ4ZDg5YmU4ODFjYzE3YWQyMjFiZWIifSx7ImJpZGRlck5hbWUiOiJidXp6b29sYSIsImNhbXBhaWduX2lkIjoxNjk4MDIwLCJyZXNwb25zZV90aW1lIjo1MTAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzIwNTc0In0seyJiaWRkZXJOYW1lIjoibWVkaWFzbmlwZXIiLCJjYW1wYWlnbl9pZCI6Mjg4MDU0OSwicmVzcG9uc2VfdGltZSI6MzI4LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNDA2ODEifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjoxNjk4MDE3LCJyZXNwb25zZV90aW1lIjozNzYsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI0ODg5ODkzIn1d&utf8=%E2%9C%93&duid=MTc3NzUzNDE4ODQyNDcyMDYwMQ%3D%3D&pcode-test-ids=1387855%2C0%2C35%3B1520060%2C0%2C87%3B1519498%2C0%2C18%3B1539372%2C0%2C76%3B1471934%2C0%2C50%3B1534006%2C0%2C85%3B1538641%2C0%2C18%3B1549206%2C0%2C98%3B1513556%2C0%2C46%3B1543959%2C0%2C49%3B1545953%2C0%2C6%3B1551119%2C0%2C58%3B1503322%2C0%2C28%3B1485712%2C0%2C83%3B1536911%2C0%2C50%3B1534168%2C0%2C89%3B1513551%2C0%2C79%3B1556135%2C0%2C79%3B1550660%2C0%2C81%3B1533445%2C0%2C43%3B912286%2C0%2C36%3B1533436%2C0%2C93&csrf-token=7e69487f088889682567257ba16d1a579390d7b5%3A1777534187&pcode-uid=7151346401777534187&pcode-flags-map=eJyFllGP4yYUhf9LnkcrMGCD34i5dtAQ8AJ2Jq2qq9nd2VbqaFt1p1Wr1fz3leM0rTNS%2FBQlgo%2FLuece8m1z1KlPWW8djBA39Y%2FfNn89Pv%2F5tKk39J0s5DvKlGSbu83L09cX%2B2n6WQiqSrp5%2FeluM%2BqE82YcISYb%2FJLACC1ludjNeMWFvOx2ocMm%2BAw%2BoxmizjZ47CE24POStaQUFSmLE8XYdCrAQMoxHBEeMkSvHTYRdLYjoDY4JIjYuJAAYbxGP%2F39%2BwLOuSoqsXm9W1lSXG4RodGuGZzOgBHeD5Ay7iHvgsE2RDxE3fcQcYju9sGCCC5O1PcRt0439%2Bhsytg4OwlkTVpqQlTBpOKilrKqioKSmhFFyoKUoqZEcF4qIWtGVamqUrCaEU5JwQirlaKcEFHVlBJCaVGRmlFJOSmraRktCJEFrSnhhHOhipoVlBVcXnmBV5QUsxe0MWj3ugPstHMQj2g9ehhimFpjO3%2F76pIqwv8FWd%2Fh9DG5QTvsddR7yBDTSU5jU452O%2BRrv72FlkrJ242clszngj%2F5qI%2BwtQbNYM1NuCBSqblZQwJMU9t9ttqhC9pMpptqTfe2xxzu4XalgjImycVP7XRfnEzjDY7WQMDkQsYc0IT9bRLjlMlLWVnHDjJGaGfpHPZNMLCOqG4gRp3WAeUJ0IGHqB2mHHWG7ogHm3cYet3YfFxAPj8%2BP394%2FPgr%2Fvbl%2BZ8ljlNK1QnX2gc8WG%2FCAX0I%2FQS%2FXQkX1TknHGjThrhPOGpnzTSq%2FS74FSm4qPh89Em3lbTjkpOrrOTqnHZne6UcQe%2FPTT3ANqSCUIkjW7A%2BvjxfK0pIeWmJPwdbzrrZYdppEw4rHZEln%2Bc0pR732jqMw7mK1rq8qqMqzueb1M%2Bu7kOyb0bwTeGUCTFv7HVMMNsPrW8DWp%2FDOSGa4Fvb4cgXsJfHP35%2BerkqhCmh%2FsdLu2j9PU7GSPYHwBSG2Kw19cIII0Snj6h7hId%2B6cev105Qgs2dTAl8c3px7nPosXUhRNTmthDiYuJpwqdn9yw%2F%2BM56mL5ovZI4jBWzmXe6762HlDANcYQj2uaqEb88fvl0lXSiosXiAvuwtQ6wTSveKxWdvdMOzqUmAnhMKeIOtIGI3UpQMk5LufROaNsEy1f48wek5K136H%2FD9%2BYPyjRwgl7JXFI2pfLrd5emhcM%3D&pcode-icookie=2kvauwxAdYLezKvtMPy7K67PHnKhemKM6waj0iKWKJXsKpe6KJo%2FdSf8FRITj6%2BQix1MWvzQRNdrJknuwI9r55tGQqI%3D&disable-base64=1&top-ancestor=https%3A%2F%2Fs1.turoktvcom.lol&top-ancestor-undetermined=0&tga-with-creatives=1&banner-lang=ru&grab-orig-len=4224&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChKkpIzsJu4B1NiBuU3T8_TWHisRGdJkJVV7G4q0J_wpnbR1y5nesG06kjT5-HilrU859IY2NKk2TfucptwAemZAb6BtEVAw5jKXmdvsu2qiuuopmovRIoIFDYpgWU-VUFDS6qlSHTWtPtEmlCltCCmQBvJQEAIdSCuA5DBqSBjyQnFAGgprGNcQe0FiB9IQJyBentFhBGRnLAzgLcN44MsWtHzBSZYjaQ2jUFID-fKVLdCCpZ5fA-IQwrIRDE285Y-znHDDCMh6hl5cT5EmuqrRUaQoGalTBY1Sq0q0ag1jpVFrklSToGQMARKKly3EBRSG_N5vVzwhZGG8gMKlKm4i8qSz-iddyAE-kJUVZUPAMK4zUw35uyrEU_uJF9SONsORBSTDWzbcounyThbNIJydD-C7Oz_cqsFoQFdDvAUjmmXZddpUQwAv1fKFM73C_aIh_i4ur6FoYUhCPvraLHcs0XBGX8-Bv0BGbz7c3V9WVp6ux0sq2dDOCSTHWksv3OEX4m_TF0tEnwvnDRcXBt337dYsQFqaPZR2H4Q7t9zHeWGIa2JkcGMVkhQh8GoltcKDW-zavSOJXUDhThFDWGKkO_K5s666ph3-x-cFcKaOp3uS7vlnHLqdGOItrxmdodMZuZoaYaWh1CkUKBlBUDDS6qm1iAv08E-VtHpdBoJSjVRdNWrglTrV8lOodBpaFIAGLEiARwEoPcNBggIS4A7Hw95MrabQaTWMtCaQQQK5cNQz6E545tjEmpEnmjqAICjMy2wYh0TT3ql8PcOXZci7km8yUGq9O-poEi3idFkD7KOJn-bEJ5Zh-J0PbQjZnSpTM_a8Bd0jLtAMQyK3zVbQrklVahU5pU5p1iYphfnRvuo0Wgq_eyGMV9vsK9yNJu2EebAhpsGCI-kEr6OIKTRBfUXFoWDqUvxklTCFcOiLt9hdQI8tuBPkJktEzOjtqz3afBQ-0TZQ4k8O1Fz2QwBTyII0ZHWSyCaxmEB8F4VooeB2ys-kvK0DEqYQC9RgQN2CET5uwpmAyxTCgV3chbD4TvKQuGX4cLlEdQOZMax75rqkjHu61xe89PjMSNZ_a7DbQoLHZtHDnASsdxTYpUlu3nwaZwKPCTUDzLZ4XQD-XPlZYIKEHfFsoJoUhZY65S6dlx9Y63uXTMIlHM5c3HnaUQDLuYOXqUaHuPd5SOLVX8aoP3Jh6PvUmVzYwbP5b62236Kno_P4OI_DhcHJy4DaaMkLoLYnd-NYYYfGivS-dvt7Fwv3oRcOVgTDHK_6JyconOisOBGdU1SiRx7Jkgs07unbgNpc0KC24vI4wv-DWnfh99fJ4f6DAesY2D5HfOwldeIgYFIFELSA0PqjW_YL1FSjBVWr1CGh0GVOFrgp7w3qDPE_JfZxBXTLVoGGOEVBrkSS-4vOkgrCvzb-QsF_8Qqb_MLQyH4D0JAhS5O8g-UKu7waCT0qVMbMz6o8Cd2WeeFiMLDFV5tIbpdQkNdXzt_-RWqD0X1m3DngZqFMadQUFKmG-mH4wZiRs8Ipzlnh-dnxP4r8tu8ayd6wCw5UQD7utmEdbdEJx3C-Bc06Wjk6TXCrDecZG91qL0ZpR0qyiSYLJ7btjYOimdpMmSZJqpxnwrG8_wXGyp3zoCNPqNTnNZu37T2ZtX97g5vId44eRtS6ZBPPiMpEbzQZ0FqRnqSIkqpdY3QXRjZj8SYi9scX77WbO7yufcyDaZy75Gs3KCCZprdFAvcmyJoskKbdY1beIezhi-8T4uUhmwf7zAJqYAcIahsao60PgGuipXtQNyIF8PrHPexMyXmt1_aS9p6mxDf2_ox5GC7xXZijB-iMpm0AePeAwNO9qPTDYxo9usyF3f62orx4y5iLzfFYSkXlfmNGNvfj57Adz02GPZ-wAzi39RGEEiBa9AkYn_1-LJ89lj99-fhjS7FNUiiLKVHW1pcU5dC-2-Dew2FIVPzKMBPkyKdIlGoN0vafDa5wKWZvn4gSzSxfKzJEZnpXaEaqVJOrQFSkSm2q8NxTv6XQSticLky9LK5tSUAdJe03g-t9Wx77wEGPhnzDI2qD3_WpS89CD27gtBHhvUurxMF_Uzp0YGdRGMcHYdaJ4mXnjoXt0BjB0nown6sTJIG7ovQ-DQsboqUHSxtaphIWsIfdguxsfWdWpDRJWXDG9uT0eOnODjwsqrPouOosh56RnT6PxWIJ1fvP6D3hA1dTVQozpVaDhNGO9XVnCwFIch1lUUpf7Xp9XeQgisrgZcOJlVADWNfTi_PIV66QDq16BiqDA_sx6wqQr7GH0KYB0KNzwvi7EN1-E7ZmdYs0xvjLEOSnVD2qfYzfFcnN6MmZCMN3ZuP4XKSizRIXdH2yfMsxxfz0RiP9f9-6fRKM3xDCova-_iBr3TDDKtBvdw4iowTjrwTlKKWDrlVKJb5znoPVKbYuSILRk0z-sB2PkY8J3NzV-3OQZbWE70aPm7CNC6RakJelv7yvAIw_qx1iJGZYBVqx2nEekyUlwGFsT1CQ31ivhVydJOo9DrqBraxapBq1MjUrUso9Hoy-XfSl8ebR7BEu6AfCUUC76KLV06SaZNB1XCooHa2hmNXoCgRdgUBbINAUCNALBOoCgapA0BsP3mNz7zYgpoh2N5PJ5CWXvrfNe7PWxLsU8tst-iw4bSFs7UUtOHLaAjHIW5LOKlZm-pKuVxU0cV-Euxa1vOjU4I2Y9cDzyr0v7fwf9cX-ls6OuPpBx-pOe5iVVLL4gt0Li1d24ZCQN1WWXW4tfwsxOySC-QVOkQdvPSp_XF4gRT_D9xS3JxcmcaONDMo57ugG_1tPLkmeIozRtzYPfkGgJD0ErLFMrjNd67aljiUzsNeDxqfmot_Yn741cfEOB2WIdWL40kVWN-8sBZUzCuyln0dGeheDdYUXcT2ajxdd-CLbfBdqa4HZkskelNuWYXXLFNvpJC4-3Y4R57GcdNgFsJcsOGGE3lp8eGjw1z-x_IcYvNa2ip4NB71thtnqo6WQl3UlOJnOlhA-afLbiUM1r9HxJpjbKxa7uCEc26e0pz3HHohXdb7CPfkPq_Uml7MuornmgW6KRSNjvFDEE2m_xNCVi_eSsxm3roM5XfdWBTNKtpjf6ehuSPhalbdA6MQevE7T3l1inUvDrBsdbUbvKi-mofF6OEmpfWkt-ibRf2v8QB2VOZ4yvOcc_jQe-yY7N1kkNi3jSq-Kj5Awag_pJNLCfmFMTPeIqMYtUIk3jz0XTJzRhLIAaWujLiApfyIR5xbZLzr4en3D1qudgGeWDR-i5H_PcaPcd7LGGUWdV9qUs-qECN6VpeUVxxHPL7GdGzORUHoKxQULX67Y7_Uj6yOxRcsvG3jCRe0MG8mdY5qsyXDhudjZQ7_ghItbxN6emSqnjrRVxv4qbuk823K0iLSsNJvrxlTz20ffbCFGWf-6vAKNx3Cnv0Zw1GSSweE-4qr58aJHeBI_S9pqx_vijz6-PFtZg1uBHOKHbhTi-hTntZNdDo--k49Db2eVL5vXhW-XAOOoFvsBvhvcNwsm6Y4xj-SyVq-6w2ovhT8-rcvfE2cnF4o563BON70n1mB3hk3Llwyitk2H3hmYnwWvApIssZYrXpK9_iSyKEff2BV_Wzhr5mjyAmK3qNlrrQ_9ICeWx-h45d7PL-T4_Dy7LGCbJqZ6gVqeO8C1hysosPkzlyidRb3ehJYBjsr3n_RkVSXOgrZJkiN2eVPkdIvLo-ZqSvpCx2WnDIwX3woyZW7-W_yz3Onj7N9LkQgA-36jgxvQ4599lcnc3jMV3bQuPjiuX_Lo24ddamketXTW79vKe2EMfvgPc1jdbeUvK8jDxbXFZSckbUIWpDoWB8-LC_-r70Z2LzNmdMc6_Sm3-hIm_HzKiwTP9HAe8SdteRqcPqq9oeS_VOgjiQ1Aq2vXqFveY_e5oVs4t643nNc9biNuyVtaxNajB7DvEfjO-5QHjT8L__6_5PHGrR8Q7PGVQwh7d2-qN9u9RdMwOhrZOVVWqNgsrH7nvh6Xbn9fy3XiTfU90vvriYv1b4W9F8Dgvqh-93dS8bWvnegk-UrVDiZtgrYCtZ2jwwZEplbfuvOgYR6umUatQqjUIqVKaiNZguKDMBgNaOrYOwQvUXF_o4IVEm5uedBBM8HgL6YMRuwRjNgjGLFHzCf2CEb20VZ1OQBiegBo9wBgTwD-

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

2264ad974c3f9ad6c4a477304e0dd0634de2e0f2ae4ef3b9c88ec7108a76815d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

x-yandex-req-id: 1777534188641297-10775681572496060557-balancer-l7leveler-kubr-yp-sas-67-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-ads-queuetime: 0.272000
x-content-type-options: nosniff
expires: Mon, 04 Dec 1999 21:29:02 GMT
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
x-ads-loadaverageonarrival: 0.263158
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, max-age=0
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
x-yt-request-id: 4201fab0-9bb6963c-5395fa04-639864ef
access-control-allow-credentials: true
x-ads-degradation: 0.000000
x-adfox-request-id: 16210950794070332709
x-ads-loadaverage: 0.315789
access-control-allow-origin: https://s1.turoktvcom.lol
x-yt-trace-id: 0-1-0-0
x-xss-protection: 1; mode=block

GET
H3 200 player_js Show response
vak345.com/ Frame 4C4D 6 KB
3 KB 130ms
129ms Script
text/javascript 87.242.110.168
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://vak345.com/player_js?ver=1&autoplay=1&v=02aaceb3f3c05eb335337785785d6573&cb=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&fclose=false&dbg=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Fs1.turoktvcom.lol%2F&cdiv=244&frnd=true&maid=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&country=PT&retry=1&rnd=1777534188571
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.168 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf606589db3399c9b3147b0d2b3f544f0464f43694be5696fbc3b7acfbc0dc47

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-host: nginx7
content-encoding: gzip
x-skyadvert-udata: cache,parsed,515032
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:48 GMT
x-build: fc35a210
content-type: text/javascript;charset=UTF-8
vary: accept-encoding
server: nginx
x-movieads-country: PT

POST
H2 200 1
mc.yandex.com/watch/108548868/ 43 B
208 B 125ms
125ms Ping
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/108548868/1?page-url=https%3A%2F%2Fs1.turoktvcom.lol%2F&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&hidv2=2271999046910476489&hittoken=1777534188_4228a340fcffa198d972cb915be09be6281a6268d4afdccb69f12b6c1e0021d8&browser-info=pa%3A1%3Aar%3A1%3Avf%3Afx7u6d3xcvwvlb6j92kblsugezhej%3Afu%3A0%3Aen%3Autf-8%3Ala%3Apt-PT%3Av%3A2482%3Acn%3A1%3Adp%3A1%3Als%3A523969201647%3Ahid%3A676719071%3Az%3A0%3Ai%3A20260430072948%3Aet%3A1777534189%3Ac%3A1%3Arn%3A1010406924%3Arqn%3A2%3Au%3A1777534188424720601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1777534185832%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777534189&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)rfs(1)ufs(1)aw(1)rcm(1)ecs(0)cdl(na)eco(42275364)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%22503341777534188569%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js?id=108548868

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 30-Apr-2026 07:29:48 GMT
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Thu, 30-Apr-2026 07:29:48 GMT
content-type: image/gif

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 4C4D 257 KB
85 KB 135ms
133ms Script
application/javascript 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: vak345.com
URL: https://vak345.com/player_js?ver=1&autoplay=1&v=02aaceb3f3c05eb335337785785d6573&cb=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&fclose=false&dbg=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Fs1.turoktvcom.lol%2F&cdiv=244&frnd=true&maid=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&country=PT&retry=1&rnd=1777534188571

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

1c024d7ecf6f12e545ee3ffe30b085cd0d62ad36de8d4b708354792978167a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "69eb4f88-1538b"
expires: Thu, 30 Apr 2026 08:29:48 GMT
access-control-allow-origin: *
content-length: 86923
date: Thu, 30 Apr 2026 07:29:48 GMT
last-modified: Fri, 24 Apr 2026 11:10:00 GMT
content-type: application/javascript

GET
H2 200 mstream2.js Show response
user91471.clients-cdnnow.ru/mp_dist/ Frame 4C4D 173 KB
61 KB 399ms
132ms Script
application/javascript 185.40.155.13
CDNNOW-AS Cluster...

General

Check archive.org

Download Go to

Full URL: https://user91471.clients-cdnnow.ru/mp_dist/mstream2.js?ver=1777464586725
Requested by: Host: vak345.com
URL: https://vak345.com/player_js?ver=1&autoplay=1&v=02aaceb3f3c05eb335337785785d6573&cb=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&fclose=false&dbg=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Fs1.turoktvcom.lol%2F&cdiv=244&frnd=true&maid=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&country=PT&retry=1&rnd=1777534188571
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS Cluster LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2ba9941406d536e89c03f81b6045cdcf2003681c004322b623fd96db3b59e7c5

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: W/"69f1f51c-2b58e"
x-edge-ip: 172.19.25.31
x-edge-cache: HIT
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: application/javascript
x-movieads-country: DE
server: nginx
last-modified: Wed, 29 Apr 2026 12:10:04 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK ujs Show response
kimberlite.io/rtb/ Frame 4C4D 4 KB
2 KB 151ms
149ms Script
application/javascript 37.0.127.86
NETRACK-AS Start2...

General

Check archive.org

Download Go to

Full URL: https://kimberlite.io/rtb/ujs?ymss=skyadvert
Requested by: Host: vak345.com
URL: https://vak345.com/player_js?ver=1&autoplay=1&v=02aaceb3f3c05eb335337785785d6573&cb=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&fclose=false&dbg=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Fs1.turoktvcom.lol%2F&cdiv=244&frnd=true&maid=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&country=PT&retry=1&rnd=1777534188571
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.0.127.86 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: s17.kimberlie.io
Software: nginx /
Resource Hash: 2a5d5ff621a6bcd8644d127b1835e0c68cb31479deac8fac4282d429a6da2a94

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache
content-encoding: gzip
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: *
server-timing: app;srv=s23a;dur=0.0004
Content-Length: 1674
Date: Thu, 30 Apr 2026 07:29:48 GMT
Content-Type: application/javascript
Server: nginx

GET
H2 200 aci.js Show response
acint.net/ Frame 4C4D 31 KB
9 KB 127ms
126ms Script
application/x-javascript 193.3.184.76
QWARTA QWARTA LLC

General

Check archive.org

Download Go to

Full URL: https://acint.net/aci.js
Requested by: Host: vak345.com
URL: https://vak345.com/player_js?ver=1&autoplay=1&v=02aaceb3f3c05eb335337785785d6573&cb=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&fclose=false&dbg=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Fs1.turoktvcom.lol%2F&cdiv=244&frnd=true&maid=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&country=PT&retry=1&rnd=1777534188571
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.76 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS
Software: openresty /
Resource Hash: aea695f22dc94b7d78ece57753cdd605584357e788b9a18bde7a8e9dc1c7442a

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "699db657-228f"
expires: Thu, 30 Apr 2026 19:29:48 GMT
content-length: 8847
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: application/x-javascript
last-modified: Tue, 24 Feb 2026 14:31:51 GMT
server: openresty

GET
H2 200 sync-loader.js Show response
ad.mail.ru/static/ Frame 4C4D 83 KB
22 KB 443ms
196ms Script
application/javascript 95.163.41.56
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://ad.mail.ru/static/sync-loader.js
Requested by: Host: vak345.com
URL: https://vak345.com/player_js?ver=1&autoplay=1&v=02aaceb3f3c05eb335337785785d6573&cb=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&fclose=false&dbg=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Fs1.turoktvcom.lol%2F&cdiv=244&frnd=true&maid=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&country=PT&retry=1&rnd=1777534188571
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r.myadx.net
Software: nginx /
Resource Hash: ce24fe54ce3a08c6fffddbbd0efeda3cf530ea519bef2226d98139a1cb7d10d8

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=600
timing-allow-origin: *
content-encoding: gzip
expires: Thu, 30 Apr 2026 07:39:49 GMT
access-control-allow-origin: *
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: application/javascript;charset=UTF-8
server: nginx

GET
H/1.1

200
OK

cmft Show response
sp.ohmy.bid/ Frame D07E
Redirect Chain

https://sp.ohmy.bid/cmf?0.5183091961116806
https://sp.ohmy.bid/cmft

2 KB
871 B

127ms
127ms

Document
text/html

37.0.127.200
NETRACK-AS Start2...

General

Check archive.org

Download Go to

Full URL: https://sp.ohmy.bid/cmft
Requested by: Host: vak345.com
URL: https://vak345.com/player_js?ver=1&autoplay=1&v=02aaceb3f3c05eb335337785785d6573&cb=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&fclose=false&dbg=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Fs1.turoktvcom.lol%2F&cdiv=244&frnd=true&maid=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&country=PT&retry=1&rnd=1777534188571
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.0.127.200 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: lounge.cartfreeshopping.com
Software: nginx /
Resource Hash: d99efbc3bec70470f1dfcd04e0fa09d1ee16c1c2d111b103ea28422277a0b8ed

Request headers

Referer: https://s1.turoktvcom.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

Access-Control-Allow-Credentials: true
Bidder: bid-09 1.2414.38dd0d92
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 634
Content-Type: text/html
Date: Thu, 30 Apr 2026 07:29:49 GMT
Server: nginx

Redirect headers

Access-Control-Allow-Credentials: true
Bidder: bid-07 1.2414.38dd0d92
Connection: keep-alive
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:49 GMT
Location: /cmft
Server: nginx

GET
H2 204 logger
logger.moviead55.ru/ Frame 4C4D 0
101 B 127ms
125ms Image
text/plain 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://logger.moviead55.ru/logger?t=cdiv&c=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&a=&m=244&v=02aaceb3f3c05eb335337785785d6573&o=%7B%220%22%3A%22https%3A%2F%2Fs1.turoktvcom.lol%22%7D
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-logger-tdb: skyadvert
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:48 GMT
x-movieads-country: PT
server: nginx

GET
H2

204

skyadvert
bid.sspnet.tech/sync/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=plzkrtbnr&rnd=1777534188
https://bid.sspnet.tech/sync/skyadvert?user_id=00e52c8d-489d-03c7-7c64-1e9ee0974ac8&redirect=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dplzkrtbnr%26bid%3D%7Buserid%7D

0
46 B

422ms
143ms

Image
text/plain

212.41.25.245
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://bid.sspnet.tech/sync/skyadvert?user_id=00e52c8d-489d-03c7-7c64-1e9ee0974ac8&redirect=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dplzkrtbnr%26bid%3D%7Buserid%7D
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H2
Server: 212.41.25.245 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx/1.28.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

date: Thu, 30 Apr 2026 07:29:49 GMT
server: nginx/1.28.2

Redirect headers

alt-svc: h3=":443"; ma=86400
location: https://bid.sspnet.tech/sync/skyadvert?user_id=00e52c8d-489d-03c7-7c64-1e9ee0974ac8&redirect=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dplzkrtbnr%26bid%3D%7Buserid%7D
content-length: 0
date: Thu, 30 Apr 2026 07:29:48 GMT
x-movieads-country: PT
server: nginx

GET
H3

200

csync
code.moviead55.ru/go/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=ohmybid&rnd=1777534188
https://match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%7Buid%7D
https://code.moviead55.ru/go/csync?cn=ohmybid&bid=18c8b7ac-ec23-419f-8145-99467907540f

0
176 B

123ms
123ms

Image
image/jpeg

87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=ohmybid&bid=18c8b7ac-ec23-419f-8145-99467907540f
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

Redirect headers

Location: https://code.moviead55.ru/go/csync?cn=ohmybid&bid=18c8b7ac-ec23-419f-8145-99467907540f
Content-Length: 0
Bidder: bid-07 1.2414.38dd0d92
Date: Thu, 30 Apr 2026 07:29:49 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1

204
No Content

sync
a.videohead.tech/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=vhd&rnd=1777534188
https://a.videohead.tech/sync?ssp=sky_new

0
566 B

439ms
172ms

Image
text/plain

213.171.19.158
SmartApe LLC Smar...

General

Check archive.org

Download Go to Show image

Full URL: https://a.videohead.tech/sync?ssp=sky_new
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: HTTP/1.1
Server: 213.171.19.158 Moscow, Russian Federation, ASN56694 (SmartApe LLC Smart Ape, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:49 GMT
Content-Type: text/plain
Vary: Origin
Server: nginx/1.24.0
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Redirect headers

alt-svc: h3=":443"; ma=86400
location: https://a.videohead.tech/sync?ssp=sky_new
content-length: 0
date: Thu, 30 Apr 2026 07:29:48 GMT
x-movieads-country: PT
server: nginx

GET
H3

200

csync
code.moviead55.ru/go/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=plzkrt&rnd=1777534188
https://adx.com.ru/sync/init/skyadvert-banner-rtb?uid=1efc9a80-333c-66f0-bab9-240faa858cb1&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dplzkrt%26bid%3D%7Buserid%7D
https://adx.com.ru/sync/confirm/skyadvert-banner-rtb?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dplzkrt%26bid%3D%7Buserid%7D&sspSysName=skyadvert-banner-rtb&uid=1efc9a80-333c-66f0-bab9-24...
https://2-69f304eda897d800017ab1bc.id.adx.com.ru/https://5--2--69f304eda897d800017ab1bc.stbid.ru?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D69f304eda897d800017ab1bc%26dest%3Dhttps...
https://5--2--69f304eda897d800017ab1bc.stbid.ru/?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D69f304eda897d800017ab1bc%26dest%3Dhttps%253A%252F%252Fssp.adriver.ru%252Fcgi-bin%252Fsy...
https://x01.aidata.io/0.gif?pid=9712851&id=69f304eda897d800017ab1bc&dest=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fdsp_id%3D162%26external_id%3D69f304eda897d800017ab1bc%26r%3Dhttps%253A%2...
https://x01.aidata.io/0.gif?pid=9712851&id=69f304eda897d800017ab1bc&dest=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fdsp_id%3D162%26external_id%3D69f304eda897d800017ab1bc%26r%3Dhttps%253A%2...
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=162&external_id=69f304eda897d800017ab1bc&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dplzkrt%26bid%3D69f304eda897d800017ab1bc
https://code.moviead55.ru/go/csync?cn=plzkrt&bid=69f304eda897d800017ab1bc

0
166 B

123ms
122ms

Image
image/jpeg

87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=plzkrt&bid=69f304eda897d800017ab1bc
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 30 Apr 2026 07:29:52 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

Redirect headers

date: Thu, 30 Apr 2026 07:29:52 GMT
server: nginx
location: https://code.moviead55.ru/go/csync?cn=plzkrt&bid=69f304eda897d800017ab1bc

GET
H2 204 logger
logger.moviead55.ru/ Frame 4C4D 0
101 B 126ms
125ms Image
text/plain 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://logger.moviead55.ru/logger?t=player_frame_loaded_new&c=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&a=&m=0&v=02aaceb3f3c05eb335337785785d6573&o=%7B%220%22%3A%22https%3A%2F%2Fs1.turoktvcom.lol%22%7D
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-logger-tdb: skyadvert
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:48 GMT
x-movieads-country: PT
server: nginx

GET
H3 200 pixel
code.moviead55.ru/go/ Frame 4C4D 0
225 B 125ms
124ms Image
image/jpeg 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/pixel?v=02aaceb3f3c05eb335337785785d6573&maid=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&r=https%3A%2F%2Fs1.turoktvcom.lol%2F&fmt_id=1&rnd=1777534188.635575
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-skyadvert-udata: cache,parsed,154604
alt-svc: h3=":443"; ma=86400
content-length: 0
x-skyadvert-path: /
date: Thu, 30 Apr 2026 07:29:48 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

GET
H2 200 thumbmark.umd.js Show response
static.kimberlite.io/js/ Frame 4C4D 30 KB
13 KB 364ms
118ms Script
application/javascript 212.8.232.117
NETRACK-AS Start2...

General

Check archive.org

Download Go to

Full URL: https://static.kimberlite.io/js/thumbmark.umd.js
Requested by: Host: kimberlite.io
URL: https://kimberlite.io/rtb/ujs?ymss=skyadvert
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.232.117 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 54a39580526bca72122afde8131057b589c7b56ba96217438c4a41016ed759c8

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: W/"6995f66d-7737"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: https://s1.turoktvcom.lol
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: application/javascript
last-modified: Wed, 18 Feb 2026 17:27:09 GMT
server: nginx
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 botd.js Show response
static.kimberlite.io/js/ Frame 4C4D 27 KB
8 KB 444ms
199ms Script
application/javascript 212.8.232.117
NETRACK-AS Start2...

General

Check archive.org

Download Go to

Full URL: https://static.kimberlite.io/js/botd.js
Requested by: Host: kimberlite.io
URL: https://kimberlite.io/rtb/ujs?ymss=skyadvert
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.232.117 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: bdb8b3b0ffef3a4c89ce8a6fa2bd1049813b5559cbc1906363c95f85bd9b8f56

Request headers

Origin: https://s1.turoktvcom.lol
sec-ch-ua-platform: "Linux"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: W/"6995f66d-6b7f"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: https://s1.turoktvcom.lol
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: application/javascript
last-modified: Wed, 18 Feb 2026 17:27:09 GMT
server: nginx
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 53399341 Show response
mc.yandex.com/watch/ Frame 4C4D 715 B
752 B 132ms
131ms Fetch
application/json 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/53399341?wmode=7&page-url=https%3A%2F%2Fs1.turoktvcom.lol%2F&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A1%3Aen%3Autf-8%3Ala%3Apt-PT%3Av%3A2482%3Acn%3A1%3Adp%3A0%3Als%3A739216901911%3Ahid%3A155866271%3Az%3A0%3Ai%3A20260430072948%3Aet%3A1777534189%3Ac%3A1%3Arn%3A341098828%3Arqn%3A1%3Au%3A1777534188424720601%3Aw%3A760x300%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C3%2C3%2C0%2C3%3Aco%3A0%3Acpf%3A1%3Ans%3A1777534188553%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777534189%3At%3A&t=clt(43)gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

200a899b68be2cc80cf3de4e54ffa52cba0ee8d651ac4548fd5892347a0f11aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Thu, 30-Apr-2026 07:29:48 GMT
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 715
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
last-modified: Thu, 30-Apr-2026 07:29:48 GMT

GET
H2 200 108486154 Show response
mc.yandex.com/watch/ Frame 4C4D 709 B
742 B 127ms
126ms Fetch
application/json 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/108486154?wmode=7&page-url=https%3A%2F%2Fs1.turoktvcom.lol%2F&charset=utf-8&site-info=%7B%22sessionId%22%3A%22afME7EBkXOU%22%2C%22p1%22%3A%2266%22%2C%22age_ok%22%3A1%7D&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A1%3Aen%3Autf-8%3Ala%3Apt-PT%3Av%3A2482%3Acn%3A2%3Adp%3A0%3Als%3A1610109701068%3Ahid%3A155866271%3Az%3A0%3Ai%3A20260430072948%3Aet%3A1777534189%3Ac%3A1%3Arn%3A138391314%3Arqn%3A1%3Au%3A1777534188424720601%3Aw%3A760x300%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C3%2C3%2C0%2C3%3Aco%3A0%3Acpf%3A1%3Ans%3A1777534188553%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777534189%3At%3A&t=clt(51)gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42017284)evs(NTMzOTkzNDE6MDow)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

668cde28c80c3acc96502d88b1dc23dcfe5205cba9e6557550b5dcfd3da45be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Thu, 30-Apr-2026 07:29:48 GMT
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 709
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
last-modified: Thu, 30-Apr-2026 07:29:48 GMT

GET
H2 200 108486154 Show response
mc.yandex.com/ytm-config/ Frame 4C4D 183 B
568 B 130ms
130ms Fetch
application/json 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/ytm-config/108486154?wmode=7

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

16f0e8760f94da4117d7f6558c05f9c681ee66a4b007468d53e2924f869f0108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=3600
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 183
content-type: application/json
vary: Origin
access-control-allow-credentials: true

GET
H3 200 bmap Show response
code.moviead55.ru/go/ Frame E74E 52 KB
25 KB 127ms
127ms Script
text/javascript 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://code.moviead55.ru/go/bmap?v=02aaceb3f3c05eb335337785785d6573&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Fs1.turoktvcom.lol%2F&tanc=https%3A%2F%2Fs1.turoktvcom.lol&ancs=%5B%5D&maid=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&retry=1&rnd=1777534189061
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: d59eebde8ddbac376a36db78769974487672145e84427a727d9cc9a8d4d5dd21

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-skyadvert-udata: cache,parsed,154695
alt-svc: h3=":443"; ma=86400
x-skyadvert-path: /
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: text/javascript;charset=UTF-8
vary: accept-encoding
server: nginx
x-movieads-country: PT

OPTIONS
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 0
0 1461ms
126ms Preflight
application/octet-stream 90.156.232.15
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=RZJrkVAEhRv7Y6x82T6DC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 90.156.232.15 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: envoy-lb7-prod /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://s1.turoktvcom.lol
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-method: POST
access-control-allow-origin: https://s1.turoktvcom.lol
access-control-max-age: 1728000
cache-control: max-age=7200
content-length: 0
content-type: application/octet-stream
date: Thu, 30 Apr 2026 07:29:50 GMT
expires: Thu, 30 Apr 2026 09:29:50 GMT
server: envoy-lb7-prod
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 4C4D 0
0 1717ms
449ms Fetch
application/octet-stream 90.156.232.15
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=RZJrkVAEhRv7Y6x82T6DC
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/sync-loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 90.156.232.15 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: envoy-lb7-prod /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

transfer-encoding: chunked
cache-control: max-age=7200
timing-allow-origin: *
x-envoy-upstream-service-time: 329
access-control-allow-credentials: true
expires: Thu, 30 Apr 2026 09:29:52 GMT
access-control-allow-origin: https://s1.turoktvcom.lol
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
date: Thu, 30 Apr 2026 07:29:52 GMT
content-type: application/octet-stream
server: envoy-lb7-prod

GET
H3

200

csync
code.moviead55.ru/go/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=btwcookie&rnd=1777534188
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D
https://code.moviead55.ru/go/csync?cn=btwcookie&bid=543df9aa-0e0f-5278-af32-b0b2c6c1b45e

0
176 B

122ms
121ms

Image
image/jpeg

87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=btwcookie&bid=543df9aa-0e0f-5278-af32-b0b2c6c1b45e
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
location: https://code.moviead55.ru/go/csync?cn=btwcookie&bid=543df9aa-0e0f-5278-af32-b0b2c6c1b45e
content-length: 0

GET
H/1.1

200
OK

cm
match.ohmy.bid/ Frame D07E
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45296&callback_url=https%3A%2F%2Fmatch.ohmy.bid%2Fcm%3Fdsp_id%3D84%26uid%3D%24%7BUSER_ID%7D
https://match.ohmy.bid/cm?dsp_id=84&uid=543df9aa-0e0f-5278-af32-b0b2c6c1b45e

44 B
294 B

354ms
118ms

Image
image/gif

37.0.127.200
NETRACK-AS Start2...

General

Check archive.org

Download Go to Show image

Full URL: https://match.ohmy.bid/cm?dsp_id=84&uid=543df9aa-0e0f-5278-af32-b0b2c6c1b45e
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 37.0.127.200 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: lounge.cartfreeshopping.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-19 1.2414.38dd0d92
Date: Thu, 30 Apr 2026 07:29:49 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
location: https://match.ohmy.bid/cm?dsp_id=84&uid=543df9aa-0e0f-5278-af32-b0b2c6c1b45e
content-length: 0

GET
H/1.1

400
Bad Request

sync
a.adlook.tech/ Frame D07E
Redirect Chain

https://sync.adsp.io/match/omb?id=be2d7da3-8185-4f0d-8fb1-10a0aa50e3c9
https://sync.adsp.io/match/omb?id=be2d7da3-8185-4f0d-8fb1-10a0aa50e3c9&chk=1
https://a.adlook.tech/sync?dsp=71&buyerid=M2U1YTBhNTE0OWIwYmVkZQ

0
637 B

1435ms
163ms

Image
text/plain

213.171.19.211
SmartApe LLC Smar...

General

Check archive.org

Download Go to Show image

Full URL: https://a.adlook.tech/sync?dsp=71&buyerid=M2U1YTBhNTE0OWIwYmVkZQ
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 213.171.19.211 Moscow, Russian Federation, ASN56694 (SmartApe LLC Smart Ape, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
x-error: unknown dsp
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:52 GMT
Content-Type: text/plain
Server: nginx/1.24.0
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://a.adlook.tech/sync?dsp=71&buyerid=M2U1YTBhNTE0OWIwYmVkZQ
content-length: 0
date: Thu, 30 Apr 2026 07:29:50 GMT
server: nginx

GET
H/1.1

200
OK

cm
sp.ohmy.bid/ Frame D07E
Redirect Chain

https://www.acint.net/rmatch?dp=217&r=https%3A%2F%2Fsp.ohmy.bid%2Fcm%3Fdsp_id%3D5%26uid%3D%24%7BUSER_ID%7D
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsp.ohmy.bid%252Fcm%253Fdsp_id%253D5%2526uid%253D%2524%257BUSER_ID%257D&...
https://acint.net/rmatch?dp=14&euid=6303420AEC04F369BE026FA802642A54&r=https%3A%2F%2Fsp.ohmy.bid%2Fcm%3Fdsp_id%3D5%26uid%3D%24%7BUSER_ID%7D
https://sp.ohmy.bid/cm?dsp_id=5&uid=0300007FEC04F369783AB0A402DBCC50

44 B
294 B

128ms
128ms

Image
image/gif

37.0.127.200
NETRACK-AS Start2...

General

Check archive.org

Download Go to Show image

Full URL: https://sp.ohmy.bid/cm?dsp_id=5&uid=0300007FEC04F369783AB0A402DBCC50
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 37.0.127.200 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: lounge.cartfreeshopping.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-19 1.2414.38dd0d92
Date: Thu, 30 Apr 2026 07:29:51 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://sp.ohmy.bid/cm?dsp_id=5&uid=0300007FEC04F369783AB0A402DBCC50
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 154
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Thu, 30 Apr 2026 07:29:51 GMT
content-type: text/html
server: openresty

GET
H/1.1

200
OK

cm
match.ohmy.bid/ Frame D07E
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=11644644&bn=11644644
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=11644644&bn=11644644&tuid=-4580093146
https://match.ohmy.bid/cm?dsp_id=113&uid=Aw0WOXbw8gzUWBmYY2nig5Q

44 B
294 B

401ms
122ms

Image
image/gif

37.0.127.200
NETRACK-AS Start2...

General

Check archive.org

Download Go to Show image

Full URL: https://match.ohmy.bid/cm?dsp_id=113&uid=Aw0WOXbw8gzUWBmYY2nig5Q
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 37.0.127.200 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: lounge.cartfreeshopping.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-12 1.2414.38dd0d92
Date: Thu, 30 Apr 2026 07:29:50 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

Transfer-Encoding: chunked
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://match.ohmy.bid/cm?dsp_id=113&uid=Aw0WOXbw8gzUWBmYY2nig5Q
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Date: Thu, 30 Apr 2026 07:29:49 GMT
Content-Type: text/html

GET
H3 200 match.gif
mediatoday.ru/core/ Frame D07E 43 B
598 B 249ms
120ms Image
image/gif 194.186.91.197
SOVAM-AS PJSC "Vi...

General

Check archive.org

Download Go to Show image

Full URL: https://mediatoday.ru/core/match.gif?s=34&id={visitor_id}
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 194.186.91.197 , Russian Federation, ASN3216 (SOVAM-AS PJSC "Vimpelcom", RU),
Reverse DNS: serv32.mt.viaprog.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://sp.ohmy.bid/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Sep 2001 12:46:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: image/gif
server: nginx

GET
H/1.1

200
OK

cm
sp.ohmy.bid/ Frame D07E
Redirect Chain

https://sync.dmp.otm-r.com/match/ohmybids?id=be2d7da3-8185-4f0d-8fb1-10a0aa50e3c9
https://sync.dmp.otm-r.com/match/ohmybids?id=be2d7da3-8185-4f0d-8fb1-10a0aa50e3c9&otcm_check=1777534189
https://sp.ohmy.bid/cm?dsp_id=48&uid=NjlmMzA0ZWMyZDI2MmU3ZQ%3D%3D

44 B
294 B

128ms
127ms

Image
image/gif

37.0.127.200
NETRACK-AS Start2...

General

Check archive.org

Download Go to Show image

Full URL: https://sp.ohmy.bid/cm?dsp_id=48&uid=NjlmMzA0ZWMyZDI2MmU3ZQ%3D%3D
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 37.0.127.200 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: lounge.cartfreeshopping.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-11 1.2414.38dd0d92
Date: Thu, 30 Apr 2026 07:29:49 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

access-control-allow-origin: *
location: https://sp.ohmy.bid/cm?dsp_id=48&uid=NjlmMzA0ZWMyZDI2MmU3ZQ%3D%3D
content-length: 0
date: Thu, 30 Apr 2026 07:29:49 GMT

GET
H/1.1

200
OK

cm
match.ohmy.bid/ Frame D07E
Redirect Chain

https://otclick-adv.ru/core/match.gif?s=34&reference=https%3A%2F%2Fmatch.ohmy.bid%2Fcm%3Fdsp_id%3D87%26uid%3D%23%7BUID%7D
https://match.ohmy.bid/cm?dsp_id=87&uid=VUpJhS5iOqC1MR9

44 B
294 B

453ms
119ms

Image
image/gif

37.0.127.200
NETRACK-AS Start2...

General

Check archive.org

Download Go to Show image

Full URL: https://match.ohmy.bid/cm?dsp_id=87&uid=VUpJhS5iOqC1MR9
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 37.0.127.200 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: lounge.cartfreeshopping.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-15 1.2414.38dd0d92
Date: Thu, 30 Apr 2026 07:29:50 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Location: https://match.ohmy.bid/cm?dsp_id=87&uid=VUpJhS5iOqC1MR9
Pragma: no-cache
Connection: keep-alive
Expires: Thursday, 01-Jan-1970 00:00:00 GMT
Content-Length: 124
Keep-Alive: timeout=60
Date: Thu, 30 Apr 2026 07:29:49 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Server: nginx

GET
H2 204 ohmybid
bid.sspnet.tech/sync/ Frame D07E 0
46 B 411ms
147ms Image
text/plain 212.41.25.244
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://bid.sspnet.tech/sync/ohmybid?redirect=https%3A%2F%2Fmatch.ohmy.bid%2Fcm%3Fdsp_id%3D128%26uid%3D%24%7BUSER_ID%7D&user_id=be2d7da3-8185-4f0d-8fb1-10a0aa50e3c9
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.41.25.244 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx/1.28.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://sp.ohmy.bid/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

date: Thu, 30 Apr 2026 07:29:49 GMT
server: nginx/1.28.2

GET
H/1.1

200
OK

cm
match.ohmy.bid/ Frame D07E
Redirect Chain

https://sp.linkssp.ru/cm?key=edc11c69abfc708136ed44d548263e69&location=https%3A%2F%2Fmatch.ohmy.bid%2Fcm%3Fdsp_id%3D127%26uid%3D%7Buid%7D
https://match.ohmy.bid/cm?dsp_id=127&uid=2f872315-ed07-4117-9e0f-2d99231ea720

44 B
294 B

337ms
118ms

Image
image/gif

37.0.127.200
NETRACK-AS Start2...

General

Check archive.org

Download Go to Show image

Full URL: https://match.ohmy.bid/cm?dsp_id=127&uid=2f872315-ed07-4117-9e0f-2d99231ea720
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 37.0.127.200 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: lounge.cartfreeshopping.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-08 1.2414.38dd0d92
Date: Thu, 30 Apr 2026 07:29:49 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

Location: https://match.ohmy.bid/cm?dsp_id=127&uid=2f872315-ed07-4117-9e0f-2d99231ea720
Content-Length: 0
Bidder: bid-03 1.396.e0e2df4
Date: Thu, 30 Apr 2026 07:29:49 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1

200
OK

cm
sp.ohmy.bid/ Frame D07E
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=ohmybid&id=be2d7da3-8185-4f0d-8fb1-10a0aa50e3c9
https://vma.mts.ru/match/second?ssp=62&exu=be2d7da3-8185-4f0d-8fb1-10a0aa50e3c9
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=935f105f-2947-4c4f-bf3b-0cb98014348a&redirect_return_url=https%3A%2F%2Fdmg.digitaltarget.r...
https://9320455701777534190223.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=935f105f-2947-4c4f-bf3b-0cb98014348a&redirect_return_url=https://d...
https://dmg.digitaltarget.ru/1/7673/i/i?a=3680&e=935f105f-2947-4c4f-bf3b-0cb98014348a&i=6031&redirect=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D62%26em%3D6%26ssp%3Damberdata
https://dmg.digitaltarget.ru/awg/custom/7673/i/i?call_source=awg&ts=1777534190797&a=3680&e=935f105f-2947-4c4f-bf3b-0cb98014348a&i=6031&redirect=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D62%26em%3D6%26...
https://vma.mts.ru/em?next=62&em=6&ssp=amberdata
https://sp.ohmy.bid/cm?dsp_id=6&uid=935f105f-2947-4c4f-bf3b-0cb98014348a

44 B
294 B

129ms
129ms

Image
image/gif

37.0.127.200
NETRACK-AS Start2...

General

Check archive.org

Download Go to Show image

Full URL: https://sp.ohmy.bid/cm?dsp_id=6&uid=935f105f-2947-4c4f-bf3b-0cb98014348a
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 37.0.127.200 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: lounge.cartfreeshopping.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-01 1.2414.38dd0d92
Date: Thu, 30 Apr 2026 07:29:51 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Location: https://sp.ohmy.bid/cm?dsp_id=6&uid=935f105f-2947-4c4f-bf3b-0cb98014348a
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:51 GMT
Vary: Origin
Server: Angie
Access-Control-Allow-Headers: Origin

GET
H/1.1

200
OK

cm
sp.ohmy.bid/ Frame D07E
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fsp.ohmy.bid%2Fcm%3Fdsp_id%3D8%26uid%3D${UUID}
https://sp.ohmy.bid/cm?dsp_id=8&uid=246dc19e-77d7-4a20-4c97-45f6c9922419

44 B
294 B

128ms
128ms

Image
image/gif

37.0.127.200
NETRACK-AS Start2...

General

Check archive.org

Download Go to Show image

Full URL: https://sp.ohmy.bid/cm?dsp_id=8&uid=246dc19e-77d7-4a20-4c97-45f6c9922419
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 37.0.127.200 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: lounge.cartfreeshopping.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-07 1.2414.38dd0d92
Date: Thu, 30 Apr 2026 07:29:49 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

location: https://sp.ohmy.bid/cm?dsp_id=8&uid=246dc19e-77d7-4a20-4c97-45f6c9922419
content-length: 99
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: text/html; charset=utf-8
server: nginx
serverid: TODO

GET
H2

200

cs
rtb.moe.video/ Frame D07E
Redirect Chain

https://sync.programmatica.com/match/ohmybid?id=be2d7da3-8185-4f0d-8fb1-10a0aa50e3c9
https://rtb.moe.video/cs?d=17&b=M2M5ZGViYWU2OThiNjlhZA

0
177 B

359ms
114ms

Image
text/plain

87.228.65.203
SELECTEL JSC Sele...

General

Check archive.org

Download Go to Show image

Full URL

https://rtb.moe.video/cs?d=17&b=M2M5ZGViYWU2OThiNjlhZA

Requested by

Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft

Protocol

Server

87.228.65.203 , Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

date: Thu, 30 Apr 2026 07:29:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0

Redirect headers

access-control-allow-methods: PUT,GET,POST,OPTIONS
location: https://rtb.moe.video/cs?d=17&b=M2M5ZGViYWU2OThiNjlhZA
content-length: 0
date: Thu, 30 Apr 2026 07:29:50 GMT
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 204
No Content sync
a.bringads.ru/ Frame D07E 0
566 B 432ms
172ms Image
text/plain 213.171.19.157
SmartApe LLC Smar...

General

Check archive.org

Download Go to Show image

Full URL: https://a.bringads.ru/sync?ssp=22
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.171.19.157 Moscow, Russian Federation, ASN56694 (SmartApe LLC Smart Ape, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://sp.ohmy.bid/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:50 GMT
Content-Type: text/plain
Vary: Origin
Server: nginx/1.24.0
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

cm
sp.ohmy.bid/ Frame D07E
Redirect Chain

https://sync.bumlam.com/?src=ohd1&uid=be2d7da3-8185-4f0d-8fb1-10a0aa50e3c9
https://sync.bumlam.com/?src=ohd1&s_data=CAIQARjuiczPBmIkYmUyZDdkYTMtODE4NS00ZjBkLThmYjEtMTBhMGFhNTBlM2M5ogEQX2-d5kRmEfGojgAlkMgkNg**
https://sp.ohmy.bid/cm?dsp_id=45&uid=5f6f9de6-4466-11f1-a88e-002590c82436

44 B
294 B

128ms
128ms

Image
image/gif

37.0.127.200
NETRACK-AS Start2...

General

Check archive.org

Download Go to Show image

Full URL: https://sp.ohmy.bid/cm?dsp_id=45&uid=5f6f9de6-4466-11f1-a88e-002590c82436
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 37.0.127.200 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: lounge.cartfreeshopping.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://sp.ohmy.bid/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-17 1.2414.38dd0d92
Date: Thu, 30 Apr 2026 07:29:50 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Location: https://sp.ohmy.bid/cm?dsp_id=45&uid=5f6f9de6-4466-11f1-a88e-002590c82436
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 30 Apr 2026 07:29:50 GMT
Content-Type: text/html; charset=utf-8
Server: nginx

GET
H/1.1

200
OK

cm
cmr.bidderstack.com/solta/ Frame D07E
Redirect Chain

https://kimberlite.io/rtb/sync/ohmybid
https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fmatch.ohmy.bid%252Fcm%253Fdsp_id%253...
https://kimberlite.io/rtb/sync/buzzoola?u=246dc19e-77d7-4a20-4c97-45f6c9922419&f=https%3A%2F%2Fmatch.ohmy.bid%2Fcm%3Fdsp_id%3D83%26uid%3DafME7EBkXOU&n=1
https://cmr.bidderstack.com/solta/cm?user_id=afME7EBkXOU

44 B
271 B

597ms
113ms

Image
image/gif

185.149.242.236
SELECTEL JSC Sele...

General

Check archive.org

Download Go to Show image

Full URL: https://cmr.bidderstack.com/solta/cm?user_id=afME7EBkXOU
Requested by: Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmft
Protocol: HTTP/1.1
Server: 185.149.242.236 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software: Angie /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

x-from: nrr-1
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 44
Date: Thu, 30 Apr 2026 07:29:51 GMT
Content-Type: image/gif
Server: Angie

Redirect headers

cache-control: no-store
location: https://cmr.bidderstack.com/solta/cm?user_id=afME7EBkXOU
Connection: keep-alive
access-control-allow-credentials: true
referrer-policy: no-referrer
access-control-allow-origin: *
server-timing: app;srv=s23;dur=0.0016
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:50 GMT
Server: nginx

GET
H3

200

csync
code.moviead55.ru/go/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=otmbid&rnd=1777534188
https://sync.dmp.otm-r.com/match/skyadvert
https://code.moviead55.ru/go/csync?cn=otmbid&bid=NjlmMzA0ZWMyZDI2MmU3ZQ%3D%3D

0
169 B

122ms
122ms

Image
image/jpeg

87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=otmbid&bid=NjlmMzA0ZWMyZDI2MmU3ZQ%3D%3D
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

Redirect headers

access-control-allow-origin: *
location: https://code.moviead55.ru/go/csync?cn=otmbid&bid=NjlmMzA0ZWMyZDI2MmU3ZQ%3D%3D
content-length: 0
date: Thu, 30 Apr 2026 07:29:49 GMT

GET
H2

204

match
dm.hybrid.ai/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=hbrd&rnd=1777534188
https://dm.hybrid.ai/match?id=436&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrd%26bid%3D%24%7BVID%7D

0
284 B

243ms
78ms

Image
text/plain

37.230.131.16
HYBRID-Poland HYB...

General

Check archive.org

Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=436&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrd%26bid%3D%24%7BVID%7D

Requested by

Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/

Protocol

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
expires: -1
access-control-allow-origin: https://s1.turoktvcom.lol
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 5015
date: Thu, 30 Apr 2026 07:26:28 GMT
x-xss-protection: 1; mode=block
server: Hybrid Web Server

Redirect headers

alt-svc: h3=":443"; ma=86400
location: https://dm.hybrid.ai/match?id=436&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrd%26bid%3D%24%7BVID%7D
content-length: 0
date: Thu, 30 Apr 2026 07:29:49 GMT
x-movieads-country: PT
server: nginx

GET
H/1.1 204
No Content ut Show response
kimberlite.io/rtb/ Frame 4C4D 0
377 B 173ms
173ms XHR
text/plain 37.0.127.86
NETRACK-AS Start2...

General

Check archive.org

Download Go to

Full URL: https://kimberlite.io/rtb/ut?v=1&u=%2C%2C1777534188424720601%2C%2C%2C%2C9ac68c4c201151c8d8f10fb3e1b56323%2C
Requested by: Host: kimberlite.io
URL: https://kimberlite.io/rtb/ujs?ymss=skyadvert
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.0.127.86 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: s17.kimberlie.io
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache
access-control-allow-origin: https://s1.turoktvcom.lol
server-timing: app;srv=s27a;dur=0.0005
Date: Thu, 30 Apr 2026 07:29:49 GMT
Server: nginx
Connection: keep-alive
access-control-allow-credentials: true

GET
H3

200

csync
code.moviead55.ru/go/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=btwckrus&rnd=1777534188
https://ads.betweendigital.com/match?bidder_id=46203&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwckrus%26bid%3D%24%7BUSER_ID%7D
https://code.moviead55.ru/go/csync?cn=btwckrus&bid=543df9aa-0e0f-5278-af32-b0b2c6c1b45e

0
176 B

123ms
122ms

Image
image/jpeg

87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=btwckrus&bid=543df9aa-0e0f-5278-af32-b0b2c6c1b45e
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
location: https://code.moviead55.ru/go/csync?cn=btwckrus&bid=543df9aa-0e0f-5278-af32-b0b2c6c1b45e
content-length: 0

GET
H3 204 logger
logger.moviead55.ru/ Frame 4C4D 0
102 B 123ms
122ms Image
text/plain 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://logger.moviead55.ru/logger?v=02aaceb3f3c05eb335337785785d6573&c=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A1.01%2C%22version%22%3A%221777464586725%22%2C%22platform_id%22%3A2%2C%22vt%22%3A18%2C%22dv%22%3Atrue%2C%22l%22%3A%22https%3A%2F%2Fs1.turoktvcom.lol%2F%22%2C%22scr%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22c%22%3A24%2C%22iw%22%3A760%2C%22ih%22%3A300%7D%7D&o=%7B%220%22%3A%22https%3A%2F%2Fs1.turoktvcom.lol%22%7D&s2=1
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-logger-tdb: skyadvert
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:49 GMT
x-movieads-country: PT
server: nginx

GET
H2 204 vancouver
code.moviead55.ru/ Frame 4C4D 0
0 129ms
128ms Fetch 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://code.moviead55.ru/vancouver?rnd=1777534189765
Requested by: Host: kimberlite.io
URL: https://kimberlite.io/rtb/ujs?ymss=skyadvert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Accept: application/json
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://s1.turoktvcom.lol
timing-allow-origin: https://s1.turoktvcom.lol
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:49 GMT
vary: Origin
server: nginx
x-movieads-country: PT

GET
H2

200

MovieAds
sync.opendsp.ru/match/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=dgm2&rnd=1777534188
https://sync.opendsp.ru/match/MovieAds?id=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738

43 B
158 B

640ms
126ms

Image
image/gif

176.114.85.200
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL

https://sync.opendsp.ru/match/MovieAds?id=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738

Requested by

Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/

Protocol

Server

176.114.85.200 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),

Reverse DNS

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 43
date: Thu, 30 Apr 2026 07:29:50 GMT
content-type: image/gif
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400
location: https://sync.opendsp.ru/match/MovieAds?id=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738
content-length: 0
date: Thu, 30 Apr 2026 07:29:49 GMT
x-movieads-country: PT
server: nginx

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
277 B 150ms
148ms XHR
text/plain 94.139.250.243
YACLOUDBMS Yandex...

General

Check archive.org

Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.139.250.243 Asbest, Russian Federation, ASN210656 (YACLOUDBMS Yandex.Cloud LLC, RU),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 11
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: text/plain; charset=utf-8
vary: Origin
access-control-allow-credentials: true

POST
H2 200 adfoxhb Show response
ssp-rtb.sape.ru/ 11 B
204 B 141ms
138ms XHR
application/json 193.3.184.91
QWARTA QWARTA LLC

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/adfoxhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.91 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 11
accept-encoding: gzip, zstd, identity
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: application/json
server: openresty

POST
H/1.1 200
OK adfox Show response
kimberlite.io/rtb/bid/hb/ 11 B
374 B 143ms
142ms XHR
text/plain 37.0.127.86
NETRACK-AS Start2...

General

Check archive.org

Download Go to

Full URL: https://kimberlite.io/rtb/bid/hb/adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.0.127.86 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: s17.kimberlie.io
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://s1.turoktvcom.lol
server-timing: app;srv=s4a;dur=0.0026
Content-Length: 11
Date: Thu, 30 Apr 2026 07:29:49 GMT
Server: nginx
Connection: keep-alive
access-control-allow-credentials: true

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
324 B 128ms
125ms XHR
text/plain 195.209.109.142
ADRIVER LLC AdRiver

General

Check archive.org

Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.209.109.142 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: https://s1.turoktvcom.lol
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:49 GMT

POST
H3 204 auction Show response
pbs.alfasense.com/yandex/ 0
580 B 277ms
275ms XHR
text/plain 188.114.97.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://pbs.alfasense.com/yandex/auction
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

x-bid: d7pg9r9gv6k2htu2tpb0
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
x-error: empty targeted bids
cf-ray: 9f44d66eee8f344b-MAD
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xFMjx986%2FT673PnajNDd8P20b21WjJmX%2BY1wO2jk6siQd1kD0x6Tt8FxfASE3Sh%2FOlU5P0ZuBziykbtJBJwPCuwQ%2Fd8ZLmyX5koelDxLbzXy1G0nGvbpLZpiMzAVKrXEfEn2%2Fw%3D%3D"}]}
access-control-allow-origin: https://s1.turoktvcom.lol
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 30 Apr 2026 07:29:50 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT

POST
H/1.1 200
OK bids Show response
ssp.al-adtech.com/api/adfox/ 11 B
275 B 130ms
128ms XHR
application/json 45.139.25.121
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to

Full URL: https://ssp.al-adtech.com/api/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.139.25.121 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s1.turoktvcom.lol
Content-Length: 11
Date: Thu, 30 Apr 2026 07:29:49 GMT
Content-Type: application/json
Vary: Origin
Server: nginx/1.20.1

POST
H2 200 adfox Show response
exchange.buzzoola.com/ssp/ 11 B
334 B 132ms
128ms XHR
text/plain 45.138.161.89
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.138.161.89 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

serverid: TODO
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 11
date: Thu, 30 Apr 2026 07:29:49 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match

POST
H/1.1 200
OK / Show response
hb.bumlam.com/yandex/ 11 B
269 B 145ms
142ms XHR
application/json 31.172.81.160
DE-FIRSTCOLO firs...

General

Check archive.org

Download Go to

Full URL: https://hb.bumlam.com/yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

Access-Control-Allow-Origin: https://s1.turoktvcom.lol
Content-Length: 11
Date: Thu, 30 Apr 2026 07:29:49 GMT
Content-Type: application/json; charset=utf-8
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
292 B 98ms
94ms XHR
application/json 188.42.189.231
Servers.com

General

Check archive.org

Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM - Servers.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://s1.turoktvcom.lol
content-encoding: gzip
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true

GET
H3

200

csync
code.moviead55.ru/go/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=sapecookie&rnd=1777534188
https://www.acint.net/rmatch?dp=167&euid=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D
https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0300007FEC04F369783AB0A402DBCC50

0
175 B

122ms
122ms

Image
image/jpeg

87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0300007FEC04F369783AB0A402DBCC50
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 30 Apr 2026 07:29:50 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0300007FEC04F369783AB0A402DBCC50
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 154
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Thu, 30 Apr 2026 07:29:50 GMT
content-type: text/html
server: openresty

GET
H2

204

match
dm.hybrid.ai/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=solta&rnd=1777534188
https://kimberlite.io/rtb/sync/skyadvert?u=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738
https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%2...
https://kimberlite.io/rtb/sync/buzzoola?u=246dc19e-77d7-4a20-4c97-45f6c9922419&f=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsolta%26bid%3DafME7EBkXOU&n=1
https://dm.hybrid.ai/match?id=414

0
238 B

78ms
78ms

Image
text/plain

37.230.131.16
HYBRID-Poland HYB...

General

Check archive.org

Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=414

Requested by

Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/

Protocol

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 5039
date: Thu, 30 Apr 2026 07:26:28 GMT
x-xss-protection: 1; mode=block
server: Hybrid Web Server

Redirect headers

cache-control: no-store
location: https://dm.hybrid.ai/match?id=414
Connection: keep-alive
access-control-allow-credentials: true
referrer-policy: no-referrer
access-control-allow-origin: *
server-timing: app;srv=s7;dur=0.0009
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:50 GMT
Server: nginx

GET
H3 200 jmap Show response
code.moviead55.ru/go/ Frame 4C4D 29 KB
4 KB 124ms
124ms Fetch
application/json 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://code.moviead55.ru/go/jmap?v=02aaceb3f3c05eb335337785785d6573&sid=ap&cp.referer=https%3A%2F%2Fs1.turoktvcom.lol%2F&it=1&tq=2&cp.cb=02117e86-0602-abb7-a8b5-3d241b3a6c45&session=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&position=pre&vt=18&ostream=true&isp=1&suri=https%3A%2F%2Fs1.turoktvcom.lol%2F&rnd=1777534190066&raw=yes&ma=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&tanc=https%3A%2F%2Fs1.turoktvcom.lol&ancs=[%22https://s1.turoktvcom.lol%22]
Requested by: Host: kimberlite.io
URL: https://kimberlite.io/rtb/ujs?ymss=skyadvert
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc4654252243a3fe2f4b59e09f0452b4e526c14da355ac4af413dfa01bfdc8

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Accept: application/json
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-skyadvert-ark: true
x-go2-country: 00
x-skyadvert-udata: cache,parsed,154741
x-skyadvert-cors-qex: Referer
x-skyadvert-plc: 0
x-skyadvert-path: /
date: Thu, 30 Apr 2026 07:29:50 GMT
content-type: application/json;charset=UTF-8
vary: accept-encoding, Origin
x-go-country: PT
x-skyadvert-qmc: PT
x-skyadvert-alc: 5
x-skyadvert-rdb: 0
x-go2-json: {"Iso3Country":"","country":"00","city":"00","country_name":"00","lat":"00","long":"00","isp":"Unknown","asn":"00","country_id":0,"city_id":0,"ut":"Unknown"}
server-timing: range_links;dur=0.0000, validations_430;dur=0.0000, queueSort;dur=0.0000, corsParams;dur=0.0000, keyValidation;dur=0.0000, wmData;dur=0.0000, getQueueBuilder;dur=0.0000, buildTagsQueue;dur=0.0000, validations_429;dur=0.0000, validations_1198;dur=0.0000, jmapParams;dur=0.0000, attachTracking;dur=0.0000, getJson;dur=0.0000, initBuilder;dur=0.0000, getLinks;dur=0.0000, validations_428;dur=0.0000, optProc;dur=0.0000, uData;dur=0.0000, qManager;dur=0.0000
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: https://s1.turoktvcom.lol
x-skyadvert-ctvs: 5
x-movieads-country: PT
server: nginx

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/389280/getBulk/ 170 B
633 B 1030ms
1030ms XHR
application/json 77.88.55.88
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.ru/ads/adfox/389280/getBulk/v2?pr=4177928059&pr1=492193391&dl=https%3A%2F%2Fturoktvcom.lol&prr=&extid_loader=MTc3NzUzNDE4ODQyNDcyMDYwMQ%3D%3D&extid_tag_loader=s1.turoktvcom.lol&fa=&date=2026-04-30T07%3A29%3A50.156%2B00%3A00&pd=30&pw=4&pv=7&pdw=1600&pdh=1200&ylv=0.1304851&ybv=0.1304851&ytt=151182848819205&is-turbo=0&skip-token=&ad-session-id=503341777534188569&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A273%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A600%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1051%2C%22top%22%3A1200%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&pcode-version=1304851&yaru=true&p2=jifh&pp=bwdx&ps=mkqd&ld=https%3A%2F%2Fturoktvcom.lol&slotNumber=2&bids=W3siYmlkZGVyTmFtZSI6Im90bSIsImNhbXBhaWduX2lkIjoxNjk4MDIyLCJyZXNwb25zZV90aW1lIjoxNTMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxNDk2NDQifSx7ImJpZGRlck5hbWUiOiJzYXBlIiwiY2FtcGFpZ25faWQiOjE2OTgwMjUsInJlc3BvbnNlX3RpbWUiOjE0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEwNjczNDcifSx7ImJpZGRlck5hbWUiOiJzb2x0YSIsImNhbXBhaWduX2lkIjoyNzI0MTM4LCJyZXNwb25zZV90aW1lIjoxNDcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2Ny1HbDJTZCJ9LHsiYmlkZGVyTmFtZSI6ImFkcml2ZXIiLCJjYW1wYWlnbl9pZCI6MTY5ODAyNCwicmVzcG9uc2VfdGltZSI6MTM0LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiOTk6dHVyb2t0dmNvbS5sb2xfMzAweDYwMF9EX1NpZGViYXJfMSJ9LHsiYmlkZGVyTmFtZSI6ImFsZmFzZW5zZSIsImNhbXBhaWduX2lkIjozMTcwNTE0LCJyZXNwb25zZV90aW1lIjoyODAsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiIxMjIzODgifSx7ImJpZGRlck5hbWUiOiJhc3RyYWxhYiIsImNhbXBhaWduX2lkIjoyMjkyOTEwLCJyZXNwb25zZV90aW1lIjoxMzYsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2OWQ4ZDg5YmU4ODFjYzE3YWQyMjFiZWIifSx7ImJpZGRlck5hbWUiOiJidXp6b29sYSIsImNhbXBhaWduX2lkIjoxNjk4MDIwLCJyZXNwb25zZV90aW1lIjoxMzYsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzIwNTc0In0seyJiaWRkZXJOYW1lIjoibWVkaWFzbmlwZXIiLCJjYW1wYWlnbl9pZCI6Mjg4MDU0OSwicmVzcG9uc2VfdGltZSI6MTQ5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNDA2ODEifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjoxNjk4MDE3LCJyZXNwb25zZV90aW1lIjoxMDIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI0ODg5ODkzIn1d&utf8=%E2%9C%93&duid=MTc3NzUzNDE4ODQyNDcyMDYwMQ%3D%3D&pcode-test-ids=1387855%2C0%2C35%3B1520060%2C0%2C87%3B1519498%2C0%2C18%3B1539372%2C0%2C76%3B1471934%2C0%2C50%3B1534006%2C0%2C85%3B1538641%2C0%2C18%3B1549206%2C0%2C98%3B1513556%2C0%2C46%3B1543959%2C0%2C49%3B1545953%2C0%2C6%3B1551119%2C0%2C58%3B1503322%2C0%2C28%3B1485712%2C0%2C83%3B1536911%2C0%2C50%3B1534168%2C0%2C89%3B1513551%2C0%2C79%3B1556135%2C0%2C79%3B1550660%2C0%2C81%3B1533445%2C0%2C43%3B912286%2C0%2C36%3B1533436%2C0%2C93&csrf-token=7e69487f088889682567257ba16d1a579390d7b5%3A1777534187&pcode-uid=7151346401777534187&pcode-flags-map=eJyFllGP4yYUhf9LnkcrMGCD34i5dtAQ8AJ2Jq2qq9nd2VbqaFt1p1Wr1fz3leM0rTNS%2FBQlgo%2FLuece8m1z1KlPWW8djBA39Y%2FfNn89Pv%2F5tKk39J0s5DvKlGSbu83L09cX%2B2n6WQiqSrp5%2FeluM%2BqE82YcISYb%2FJLACC1ludjNeMWFvOx2ocMm%2BAw%2BoxmizjZ47CE24POStaQUFSmLE8XYdCrAQMoxHBEeMkSvHTYRdLYjoDY4JIjYuJAAYbxGP%2F39%2BwLOuSoqsXm9W1lSXG4RodGuGZzOgBHeD5Ay7iHvgsE2RDxE3fcQcYju9sGCCC5O1PcRt0439%2Bhsytg4OwlkTVpqQlTBpOKilrKqioKSmhFFyoKUoqZEcF4qIWtGVamqUrCaEU5JwQirlaKcEFHVlBJCaVGRmlFJOSmraRktCJEFrSnhhHOhipoVlBVcXnmBV5QUsxe0MWj3ugPstHMQj2g9ehhimFpjO3%2F76pIqwv8FWd%2Fh9DG5QTvsddR7yBDTSU5jU452O%2BRrv72FlkrJ242clszngj%2F5qI%2BwtQbNYM1NuCBSqblZQwJMU9t9ttqhC9pMpptqTfe2xxzu4XalgjImycVP7XRfnEzjDY7WQMDkQsYc0IT9bRLjlMlLWVnHDjJGaGfpHPZNMLCOqG4gRp3WAeUJ0IGHqB2mHHWG7ogHm3cYet3YfFxAPj8%2BP394%2FPgr%2Fvbl%2BZ8ljlNK1QnX2gc8WG%2FCAX0I%2FQS%2FXQkX1TknHGjThrhPOGpnzTSq%2FS74FSm4qPh89Em3lbTjkpOrrOTqnHZne6UcQe%2FPTT3ANqSCUIkjW7A%2BvjxfK0pIeWmJPwdbzrrZYdppEw4rHZEln%2Bc0pR732jqMw7mK1rq8qqMqzueb1M%2Bu7kOyb0bwTeGUCTFv7HVMMNsPrW8DWp%2FDOSGa4Fvb4cgXsJfHP35%2BerkqhCmh%2FsdLu2j9PU7GSPYHwBSG2Kw19cIII0Snj6h7hId%2B6cev105Qgs2dTAl8c3px7nPosXUhRNTmthDiYuJpwqdn9yw%2F%2BM56mL5ovZI4jBWzmXe6762HlDANcYQj2uaqEb88fvl0lXSiosXiAvuwtQ6wTSveKxWdvdMOzqUmAnhMKeIOtIGI3UpQMk5LufROaNsEy1f48wek5K136H%2FD9%2BYPyjRwgl7JXFI2pfLrd5emhcM%3D&pcode-icookie=2kvauwxAdYLezKvtMPy7K67PHnKhemKM6waj0iKWKJXsKpe6KJo%2FdSf8FRITj6%2BQix1MWvzQRNdrJknuwI9r55tGQqI%3D&disable-base64=1&top-ancestor=https%3A%2F%2Fs1.turoktvcom.lol&top-ancestor-undetermined=0&tga-with-creatives=1&banner-lang=ru&grab-orig-len=4224&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChKkpIzsJu4B1NiBuU3T8_TWHisRGdJkJVV7G4q0J_wpnbR1y5nesG06kjT5-HilrU859IY2NKk2TfucptwAemZAb6BtEVAw5jKXmdvsu2qiuuopmovRIoIFDYpgWU-VUFDS6qlSHTWtPtEmlCltCCmQBvJQEAIdSCuA5DBqSBjyQnFAGgprGNcQe0FiB9IQJyBentFhBGRnLAzgLcN44MsWtHzBSZYjaQ2jUFID-fKVLdCCpZ5fA-IQwrIRDE285Y-znHDDCMh6hl5cT5EmuqrRUaQoGalTBY1Sq0q0ag1jpVFrklSToGQMARKKly3EBRSG_N5vVzwhZGG8gMKlKm4i8qSz-iddyAE-kJUVZUPAMK4zUw35uyrEU_uJF9SONsORBSTDWzbcounyThbNIJydD-C7Oz_cqsFoQFdDvAUjmmXZddpUQwAv1fKFM73C_aIh_i4ur6FoYUhCPvraLHcs0XBGX8-Bv0BGbz7c3V9WVp6ux0sq2dDOCSTHWksv3OEX4m_TF0tEnwvnDRcXBt337dYsQFqaPZR2H4Q7t9zHeWGIa2JkcGMVkhQh8GoltcKDW-zavSOJXUDhThFDWGKkO_K5s666ph3-x-cFcKaOp3uS7vlnHLqdGOItrxmdodMZuZoaYaWh1CkUKBlBUDDS6qm1iAv08E-VtHpdBoJSjVRdNWrglTrV8lOodBpaFIAGLEiARwEoPcNBggIS4A7Hw95MrabQaTWMtCaQQQK5cNQz6E545tjEmpEnmjqAICjMy2wYh0TT3ql8PcOXZci7km8yUGq9O-poEi3idFkD7KOJn-bEJ5Zh-J0PbQjZnSpTM_a8Bd0jLtAMQyK3zVbQrklVahU5pU5p1iYphfnRvuo0Wgq_eyGMV9vsK9yNJu2EebAhpsGCI-kEr6OIKTRBfUXFoWDqUvxklTCFcOiLt9hdQI8tuBPkJktEzOjtqz3afBQ-0TZQ4k8O1Fz2QwBTyII0ZHWSyCaxmEB8F4VooeB2ys-kvK0DEqYQC9RgQN2CET5uwpmAyxTCgV3chbD4TvKQuGX4cLlEdQOZMax75rqkjHu61xe89PjMSNZ_a7DbQoLHZtHDnASsdxTYpUlu3nwaZwKPCTUDzLZ4XQD-XPlZYIKEHfFsoJoUhZY65S6dlx9Y63uXTMIlHM5c3HnaUQDLuYOXqUaHuPd5SOLVX8aoP3Jh6PvUmVzYwbP5b62236Kno_P4OI_DhcHJy4DaaMkLoLYnd-NYYYfGivS-dvt7Fwv3oRcOVgTDHK_6JyconOisOBGdU1SiRx7Jkgs07unbgNpc0KC24vI4wv-DWnfh99fJ4f6DAesY2D5HfOwldeIgYFIFELSA0PqjW_YL1FSjBVWr1CGh0GVOFrgp7w3qDPE_JfZxBXTLVoGGOEVBrkSS-4vOkgrCvzb-QsF_8Qqb_MLQyH4D0JAhS5O8g-UKu7waCT0qVMbMz6o8Cd2WeeFiMLDFV5tIbpdQkNdXzt_-RWqD0X1m3DngZqFMadQUFKmG-mH4wZiRs8Ipzlnh-dnxP4r8tu8ayd6wCw5UQD7utmEdbdEJx3C-Bc06Wjk6TXCrDecZG91qL0ZpR0qyiSYLJ7btjYOimdpMmSZJqpxnwrG8_wXGyp3zoCNPqNTnNZu37T2ZtX97g5vId44eRtS6ZBPPiMpEbzQZ0FqRnqSIkqpdY3QXRjZj8SYi9scX77WbO7yufcyDaZy75Gs3KCCZprdFAvcmyJoskKbdY1beIezhi-8T4uUhmwf7zAJqYAcIahsao60PgGuipXtQNyIF8PrHPexMyXmt1_aS9p6mxDf2_ox5GC7xXZijB-iMpm0AePeAwNO9qPTDYxo9usyF3f62orx4y5iLzfFYSkXlfmNGNvfj57Adz02GPZ-wAzi39RGEEiBa9AkYn_1-LJ89lj99-fhjS7FNUiiLKVHW1pcU5dC-2-Dew2FIVPzKMBPkyKdIlGoN0vafDa5wKWZvn4gSzSxfKzJEZnpXaEaqVJOrQFSkSm2q8NxTv6XQSticLky9LK5tSUAdJe03g-t9Wx77wEGPhnzDI2qD3_WpS89CD27gtBHhvUurxMF_Uzp0YGdRGMcHYdaJ4mXnjoXt0BjB0nown6sTJIG7ovQ-DQsboqUHSxtaphIWsIfdguxsfWdWpDRJWXDG9uT0eOnODjwsqrPouOosh56RnT6PxWIJ1fvP6D3hA1dTVQozpVaDhNGO9XVnCwFIch1lUUpf7Xp9XeQgisrgZcOJlVADWNfTi_PIV66QDq16BiqDA_sx6wqQr7GH0KYB0KNzwvi7EN1-E7ZmdYs0xvjLEOSnVD2qfYzfFcnN6MmZCMN3ZuP4XKSizRIXdH2yfMsxxfz0RiP9f9-6fRKM3xDCova-_iBr3TDDKtBvdw4iowTjrwTlKKWDrlVKJb5znoPVKbYuSILRk0z-sB2PkY8J3NzV-3OQZbWE70aPm7CNC6RakJelv7yvAIw_qx1iJGZYBVqx2nEekyUlwGFsT1CQ31ivhVydJOo9DrqBraxapBq1MjUrUso9Hoy-XfSl8ebR7BEu6AfCUUC76KLV06SaZNB1XCooHa2hmNXoCgRdgUBbINAUCNALBOoCgapA0BsP3mNz7zYgpoh2N5PJ5CWXvrfNe7PWxLsU8tst-iw4bSFs7UUtOHLaAjHIW5LOKlZm-pKuVxU0cV-Euxa1vOjU4I2Y9cDzyr0v7fwf9cX-ls6OuPpBx-pOe5iVVLL4gt0Li1d24ZCQN1WWXW4tfwsxOySC-QVOkQdvPSp_XF4gRT_D9xS3JxcmcaONDMo57ugG_1tPLkmeIozRtzYPfkGgJD0ErLFMrjNd67aljiUzsNeDxqfmot_Yn741cfEOB2WIdWL40kVWN-8sBZUzCuyln0dGeheDdYUXcT2ajxdd-CLbfBdqa4HZkskelNuWYXXLFNvpJC4-3Y4R57GcdNgFsJcsOGGE3lp8eGjw1z-x_IcYvNa2ip4NB71thtnqo6WQl3UlOJnOlhA-afLbiUM1r9HxJpjbKxa7uCEc26e0pz3HHohXdb7CPfkPq_Uml7MuornmgW6KRSNjvFDEE2m_xNCVi_eSsxm3roM5XfdWBTNKtpjf6ehuSPhalbdA6MQevE7T3l1inUvDrBsdbUbvKi-mofF6OEmpfWkt-ibRf2v8QB2VOZ4yvOcc_jQe-yY7N1kkNi3jSq-Kj5Awag_pJNLCfmFMTPeIqMYtUIk3jz0XTJzRhLIAaWujLiApfyIR5xbZLzr4en3D1qudgGeWDR-i5H_PcaPcd7LGGUWdV9qUs-qECN6VpeUVxxHPL7GdGzORUHoKxQULX67Y7_Uj6yOxRcsvG3jCRe0MG8mdY5qsyXDhudjZQ7_ghItbxN6emSqnjrRVxv4qbuk823K0iLSsNJvrxlTz20ffbCFGWf-6vAKNx3Cnv0Zw1GSSweE-4qr58aJHeBI_S9pqx_vijz6-PFtZg1uBHOKHbhTi-hTntZNdDo--k49Db2eVL5vXhW-XAOOoFvsBvhvcNwsm6Y4xj-SyVq-6w2ovhT8-rcvfE2cnF4o563BON70n1mB3hk3Llwyitk2H3hmYnwWvApIssZYrXpK9_iSyKEff2BV_Wzhr5mjyAmK3qNlrrQ_9ICeWx-h45d7PL-T4_Dy7LGCbJqZ6gVqeO8C1hysosPkzlyidRb3ehJYBjsr3n_RkVSXOgrZJkiN2eVPkdIvLo-ZqSvpCx2WnDIwX3woyZW7-W_yz3Onj7N9LkQgA-36jgxvQ4599lcnc3jMV3bQuPjiuX_Lo24ddamketXTW79vKe2EMfvgPc1jdbeUvK8jDxbXFZSckbUIWpDoWB8-LC_-r70Z2LzNmdMc6_Sm3-hIm_HzKiwTP9HAe8SdteRqcPqq9oeS_VOgjiQ1Aq2vXqFveY_e5oVs4t643nNc9biNuyVtaxNajB7DvEfjO-5QHjT8L__6_5PHGrR8Q7PGVQwh7d2-qN9u9RdMwOhrZOVVWqNgsrH7nvh6Xbn9fy3XiTfU90vvriYv1b4W9F8Dgvqh-93dS8bWvnegk-UrVDiZtgrYCtZ2jwwZEplbfuvOgYR6umUatQqjUIqVKaiNZguKDMBgNaOrYOwQvUXF_o4IVEm5uedBBM8HgL6YMRuwRjNgjGLFHzCf2CEb20VZ1OQBiegBo9wBgTwD-

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

8ec3fe10f21e5c2fc0237f37c94f3f73923359e3e9a32419bb557341253a4063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

x-yandex-req-id: 1777534190226512-6013676870864028333-balancer-l7leveler-kubr-yp-sas-67-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-ads-queuetime: 0.185000
x-content-type-options: nosniff
expires: Mon, 04 Dec 1999 21:29:02 GMT
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
x-ads-loadaverageonarrival: 0.250000
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
pragma: no-cache
access-control-allow-credentials: true
x-yt-request-id: e6913749-d5564296-9d5b3d2d-63c6aec8
x-ads-degradation: 0.000000
x-adfox-request-id: 15831719663999764066
x-ads-loadaverage: 0.062500
access-control-allow-origin: https://s1.turoktvcom.lol
x-yt-trace-id: 0-1-0-0
x-xss-protection: 1; mode=block

GET
H3 204 logger
logger.moviead55.ru/ Frame 4C4D 0
102 B 123ms
123ms Image
text/plain 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://logger.moviead55.ru/logger?v=02aaceb3f3c05eb335337785785d6573&c=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&t=player_init&a=&m=%7B%22vis%22%3A18%2C%22dv%22%3Atrue%2C%22jmap%22%3A4%2C%22blen%22%3A2%2C%22bounds%22%3A%7B%22x%22%3A0%2C%22y%22%3A0%2C%22width%22%3A4000%2C%22height%22%3A300%2C%22top%22%3A0%2C%22right%22%3A4000%2C%22bottom%22%3A300%2C%22left%22%3A0%7D%7D&o=%7B%220%22%3A%22https%3A%2F%2Fs1.turoktvcom.lol%22%7D&s2=2
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-logger-tdb: skyadvert
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:50 GMT
x-movieads-country: PT
server: nginx

GET
H3 204 logger
logger.moviead55.ru/ Frame 4C4D 0
102 B 123ms
123ms Image
text/plain 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://logger.moviead55.ru/logger?v=02aaceb3f3c05eb335337785785d6573&c=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&t=stage&a=min_vt_skip&m=%7B%22tag%22%3A%22https%3A%2F%2Fcode.moviead55.ru%2Fvast2%3Fkey%3D02aaceb3f3c05eb335337785785d6573%26sid%3Dautoplay%26cp.adsource%3Dydxn.rus2%26cp.adtype%3Dpre%26vt%3D18%26fp%3D%5Bfp%5D%26w%3D4000%26h%3D300%26vid%3D%26fpro%3D%26rdd1%3Dtrue%26ma%3D1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738%26tanc%3Dhttps%253A%252F%252Fs1.turoktvcom.lol%26suri%3Dhttps%253A%252F%252Fs1.turoktvcom.lol%252F%26cp.session%3D6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d%26cp.referer%3Dhttps%253A%252F%252Fs1.turoktvcom.lol%252F%26cp.cb%3D02117e86-0602-abb7-a8b5-3d241b3a6c45%22%2C%22mvt%22%3A50%2C%22id%22%3A429%2C%22cvt%22%3A18%2C%22vst%22%3A%22visible%22%7D&o=%7B%220%22%3A%22https%3A%2F%2Fs1.turoktvcom.lol%22%7D&s2=3
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-logger-tdb: skyadvert
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:50 GMT
x-movieads-country: PT
server: nginx

GET
H3 204 logger
logger.moviead55.ru/ Frame 4C4D 0
102 B 124ms
124ms Image
text/plain 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://logger.moviead55.ru/logger?v=02aaceb3f3c05eb335337785785d6573&c=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&t=stage&a=min_vt_skip&m=%7B%22tag%22%3A%22https%3A%2F%2Fcode.moviead55.ru%2Fvast2%3Fkey%3D02aaceb3f3c05eb335337785785d6573%26sid%3Dautoplay%26cp.adsource%3Dydxn.rus%26cp.adtype%3Dpre%26vt%3D18%26fp%3D%5Bfp%5D%26w%3D4000%26h%3D300%26vid%3D%26fpro%3D%26rdd1%3Dtrue%26ma%3D1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738%26tanc%3Dhttps%253A%252F%252Fs1.turoktvcom.lol%26suri%3Dhttps%253A%252F%252Fs1.turoktvcom.lol%252F%26cp.session%3D6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d%26cp.referer%3Dhttps%253A%252F%252Fs1.turoktvcom.lol%252F%26cp.cb%3D02117e86-0602-abb7-a8b5-3d241b3a6c45%22%2C%22mvt%22%3A50%2C%22id%22%3A428%2C%22cvt%22%3A18%2C%22vst%22%3A%22visible%22%7D&o=%7B%220%22%3A%22https%3A%2F%2Fs1.turoktvcom.lol%22%7D&s2=4
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-logger-tdb: skyadvert
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:50 GMT
x-movieads-country: PT
server: nginx

GET
H3 204 logger
logger.moviead55.ru/ Frame 4C4D 0
102 B 124ms
123ms Image
text/plain 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://logger.moviead55.ru/logger?v=02aaceb3f3c05eb335337785785d6573&c=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&t=stage&a=min_vt_skip&m=%7B%22tag%22%3A%22https%3A%2F%2Fcode.moviead55.ru%2Fvast2%3Fkey%3D02aaceb3f3c05eb335337785785d6573%26sid%3Dautoplay%26cp.adsource%3Dydxn.rus3%26cp.adtype%3Dpre%26vt%3D18%26fp%3D%5Bfp%5D%26w%3D4000%26h%3D300%26vid%3D%26fpro%3D%26rdd1%3Dtrue%26ma%3D1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738%26tanc%3Dhttps%253A%252F%252Fs1.turoktvcom.lol%26suri%3Dhttps%253A%252F%252Fs1.turoktvcom.lol%252F%26cp.session%3D6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d%26cp.referer%3Dhttps%253A%252F%252Fs1.turoktvcom.lol%252F%26cp.cb%3D02117e86-0602-abb7-a8b5-3d241b3a6c45%22%2C%22mvt%22%3A50%2C%22id%22%3A430%2C%22cvt%22%3A18%2C%22vst%22%3A%22visible%22%7D&o=%7B%220%22%3A%22https%3A%2F%2Fs1.turoktvcom.lol%22%7D&s2=5
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-logger-tdb: skyadvert
alt-svc: h3=":443"; ma=86400
date: Thu, 30 Apr 2026 07:29:50 GMT
x-movieads-country: PT
server: nginx

GET
H3 200 vast2 Show response
code.moviead55.ru/ Frame 4C4D 25 B
541 B 164ms
164ms XHR
text/xml 87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://code.moviead55.ru/vast2?key=02aaceb3f3c05eb335337785785d6573&sid=autoplay&cp.adsource=mndot1&cp.adtype=pre&vt=18&fp=[fp]&w=4000&h=300&vid=&fpro=&rdd1=true&ma=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&tanc=https%3A%2F%2Fs1.turoktvcom.lol&suri=https%3A%2F%2Fs1.turoktvcom.lol%2F&cp.session=6e7f0056-2fa1-b3cd-09e9-5ea76e50bb8d&cp.referer=https%3A%2F%2Fs1.turoktvcom.lol%2F&cp.cb=02117e86-0602-abb7-a8b5-3d241b3a6c45
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/mp_dist/mstream2.js?ver=1777464586725
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-skyadvert-referrer: https://s1.turoktvcom.lol/
alt-svc: h3=":443"; ma=86400
x-skyadvert-cors-qex: Referer
x-skyadvert-path: /
date: Thu, 30 Apr 2026 07:29:50 GMT
content-type: text/xml;charset=UTF-8
vary: accept-encoding, Origin
x-skyadvert-udata: cache,parsed,154597
x-skyadvert-mrc: no
x-skyadvert-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"s1.turoktvcom.lol","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
access-control-allow-credentials: true
x-cache-source: Rist
access-control-allow-origin: https://s1.turoktvcom.lol
x-movieads-country: PT
server: nginx

POST
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 4C4D 0
0 1401ms
131ms Fetch
application/octet-stream 90.156.232.15
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=RZJrkVAEhRv7Y6x82T6DC
Requested by: Host: kimberlite.io
URL: https://kimberlite.io/rtb/ujs?ymss=skyadvert
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 90.156.232.15 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: envoy-lb7-prod /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

transfer-encoding: chunked
cache-control: max-age=7200
timing-allow-origin: *
x-envoy-upstream-service-time: 8
access-control-allow-credentials: true
expires: Thu, 30 Apr 2026 09:29:52 GMT
access-control-allow-origin: https://s1.turoktvcom.lol
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
date: Thu, 30 Apr 2026 07:29:52 GMT
content-type: application/octet-stream
server: envoy-lb7-prod

OPTIONS
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 0
0 558ms
126ms Preflight
application/octet-stream 90.156.232.15
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=RZJrkVAEhRv7Y6x82T6DC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 90.156.232.15 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: envoy-lb7-prod /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://s1.turoktvcom.lol
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-method: POST
access-control-allow-origin: https://s1.turoktvcom.lol
access-control-max-age: 1728000
cache-control: max-age=7200
content-length: 0
content-type: application/octet-stream
date: Thu, 30 Apr 2026 07:29:50 GMT
expires: Thu, 30 Apr 2026 09:29:50 GMT
server: envoy-lb7-prod
x-envoy-upstream-service-time: 0

GET
H3

200

csync
code.moviead55.ru/go/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=astlb&rnd=1777534188
https://ssp.al-adtech.com/api/sync/skyadvert
https://code.moviead55.ru/go/csync?cn=astlb&bid=3bc22dd3-a57a-427f-8eb6-16af594d602b

0
174 B

123ms
122ms

Image
image/jpeg

87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=astlb&bid=3bc22dd3-a57a-427f-8eb6-16af594d602b
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 30 Apr 2026 07:29:50 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

Redirect headers

Location: https://code.moviead55.ru/go/csync?cn=astlb&bid=3bc22dd3-a57a-427f-8eb6-16af594d602b
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:50 GMT
Vary: Origin
Server: nginx/1.20.1

GET
H3

200

csync
code.moviead55.ru/go/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=bzcookie&rnd=1777534188
https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D
https://code.moviead55.ru/go/csync?cn=bzcookie&bid=246dc19e-77d7-4a20-4c97-45f6c9922419

0
176 B

122ms
122ms

Image
image/jpeg

87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=bzcookie&bid=246dc19e-77d7-4a20-4c97-45f6c9922419
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 30 Apr 2026 07:29:50 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

Redirect headers

location: https://code.moviead55.ru/go/csync?cn=bzcookie&bid=246dc19e-77d7-4a20-4c97-45f6c9922419
content-length: 114
date: Thu, 30 Apr 2026 07:29:50 GMT
content-type: text/html; charset=utf-8
server: nginx
serverid: TODO

GET
H3

200

csync
code.moviead55.ru/go/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=otclkbid&rnd=1777534188
https://otclick-adv.ru/core/match.gif?ssp=30&tag=skyadvert&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%7Bvisitor_id%7D
https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUpJhS5iOqC1MR9

0
163 B

123ms
122ms

Image
image/jpeg

87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUpJhS5iOqC1MR9
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 30 Apr 2026 07:29:51 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

Redirect headers

Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Location: https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUpJhS5iOqC1MR9
Pragma: no-cache
Connection: keep-alive
Expires: Thursday, 01-Jan-1970 00:00:00 GMT
Content-Length: 124
Keep-Alive: timeout=60
Date: Thu, 30 Apr 2026 07:29:51 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Server: nginx

GET
H2

204

match
dm-eu.hybrid.ai/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=hbrdcookie2&rnd=1777534188
https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D

0
283 B

86ms
79ms

Image
text/plain

37.230.131.16
HYBRID-Poland HYB...

General

Check archive.org

Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D

Requested by

Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/

Protocol

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
expires: -1
access-control-allow-origin: https://s1.turoktvcom.lol
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 5051
date: Thu, 30 Apr 2026 07:26:29 GMT
x-xss-protection: 1; mode=block
server: Hybrid Web Server

Redirect headers

alt-svc: h3=":443"; ma=86400
location: https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D
content-length: 0
date: Thu, 30 Apr 2026 07:29:50 GMT
x-movieads-country: PT
server: nginx

GET
H/1.1

200
OK

cm
cmr.bidderstack.com/skyadvert/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=hpr&rnd=1777534188
https://cmr.bidderstack.com/skyadvert/cm?user_id=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738

44 B
271 B

1361ms
115ms

Image
image/gif

185.149.242.236
SELECTEL JSC Sele...

General

Check archive.org

Download Go to Show image

Full URL: https://cmr.bidderstack.com/skyadvert/cm?user_id=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: HTTP/1.1
Server: 185.149.242.236 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software: Angie /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

x-from: nrr-2
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 44
Date: Thu, 30 Apr 2026 07:29:52 GMT
Content-Type: image/gif
Server: Angie

Redirect headers

alt-svc: h3=":443"; ma=86400
location: https://cmr.bidderstack.com/skyadvert/cm?user_id=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738
content-length: 0
date: Thu, 30 Apr 2026 07:29:50 GMT
x-movieads-country: PT
server: nginx

GET
H3

200

csync
code.moviead55.ru/go/ Frame 4C4D
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=gtnt&rnd=1777534188
https://px.adhigh.net/p/cm/skyadvert?u=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738
https://px.adhigh.net/p/cm/skyadvert?u=1cbe2ce8-6f38-b9e2-ec3c-9e76a798f738&bounced=1
https://code.moviead55.ru/go/csync?cn=gtnt&bid=8s5tc5d4642.AikABlGd3UtIYw

0
167 B

123ms
123ms

Image
image/jpeg

87.242.110.166
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=gtnt&bid=8s5tc5d4642.AikABlGd3UtIYw
Requested by: Host: s1.turoktvcom.lol
URL: https://s1.turoktvcom.lol/
Protocol: H3
Server: 87.242.110.166 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://s1.turoktvcom.lol/

Response headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 30 Apr 2026 07:29:52 GMT
content-type: image/jpeg
x-movieads-country: PT
server: nginx

Redirect headers

x-backend-id: f12-ru
cache-control: no-cache, no-store
location: https://code.moviead55.ru/go/csync?cn=gtnt&bid=8s5tc5d4642.AikABlGd3UtIYw
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Thu, 30 Apr 2026 07:29:51 GMT
server: nginx

GET
H2 200 logo1.svg
s1.turoktvcom.lol/templates/turkrucom/images/ 1 KB
0 0ms
0ms Other
image/svg+xml 193.124.129.109
VDSINA-AS Hosting...

General

Check archive.org

Download Go to

Full URL: https://s1.turoktvcom.lol/templates/turkrucom/images/logo1.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.124.129.109 Moscow, Russian Federation, ASN48282 (VDSINA-AS Hosting technology LTD, RU),
Reverse DNS: v3096303.hosted-by-vdsina.ru
Software: nginx /
Resource Hash: 9ac1c281454f8f5c3f33cfaf76da54688d4318fd3a4c06d3990101ef984da509

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"68391f02-4ac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Thu, 30 Apr 2026 07:29:47 GMT
content-type: image/svg+xml
last-modified: Fri, 30 May 2025 02:59:14 GMT
server: nginx
vary: Accept-Encoding

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
277 B 276ms
273ms XHR
text/plain 94.139.250.243
YACLOUDBMS Yandex...

General

Check archive.org

Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.139.250.243 Asbest, Russian Federation, ASN210656 (YACLOUDBMS Yandex.Cloud LLC, RU),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 11
date: Thu, 30 Apr 2026 07:29:52 GMT
content-type: text/plain; charset=utf-8
vary: Origin
access-control-allow-credentials: true

POST
H2 200 adfoxhb Show response
ssp-rtb.sape.ru/ 11 B
204 B 139ms
134ms XHR
application/json 193.3.184.91
QWARTA QWARTA LLC

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/adfoxhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.91 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 11
accept-encoding: gzip, zstd, identity
date: Thu, 30 Apr 2026 07:29:53 GMT
content-type: application/json
server: openresty

POST
H/1.1 200
OK adfox Show response
kimberlite.io/rtb/bid/hb/ 11 B
374 B 127ms
124ms XHR
text/plain 37.0.127.86
NETRACK-AS Start2...

General

Check archive.org

Download Go to

Full URL: https://kimberlite.io/rtb/bid/hb/adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.0.127.86 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS: s17.kimberlie.io
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://s1.turoktvcom.lol
server-timing: app;srv=s15;dur=0.0031
Content-Length: 11
Date: Thu, 30 Apr 2026 07:29:53 GMT
Server: nginx
Connection: keep-alive
access-control-allow-credentials: true

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
324 B 128ms
125ms XHR
text/plain 195.209.109.142
ADRIVER LLC AdRiver

General

Check archive.org

Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.209.109.142 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: https://s1.turoktvcom.lol
Content-Length: 0
Date: Thu, 30 Apr 2026 07:29:53 GMT

POST
H3 204 auction Show response
pbs.alfasense.com/yandex/ 0
578 B 121ms
118ms XHR
text/plain 188.114.97.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://pbs.alfasense.com/yandex/auction
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

x-bid: d7pg9s9gv6k2htu39fb0
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
x-error: empty targeted bids
cf-ray: 9f44d6839817344b-MAD
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BD6YT9zBTTLwv2vIN7PDTcR5V73I5J06GsLGZCNqV1qE5Ryb8uBR%2BJSCAW3lQT%2FYo5loHccatu6Tc4uRXZ5vsVd4MAZQqNEebkADZKzLbpwZKGNCbOF5s7oiqjyXEczDKPWONA%3D%3D"}]}
access-control-allow-origin: https://s1.turoktvcom.lol
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 30 Apr 2026 07:29:53 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT

POST
H/1.1 200
OK bids Show response
ssp.al-adtech.com/api/adfox/ 11 B
275 B 129ms
126ms XHR
application/json 45.139.25.121
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to

Full URL: https://ssp.al-adtech.com/api/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.139.25.121 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s1.turoktvcom.lol
Content-Length: 11
Date: Thu, 30 Apr 2026 07:29:53 GMT
Content-Type: application/json
Vary: Origin
Server: nginx/1.20.1

POST
H2 200 adfox Show response
exchange.buzzoola.com/ssp/ 11 B
334 B 135ms
131ms XHR
text/plain 45.138.161.89
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.138.161.89 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

serverid: TODO
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-origin: https://s1.turoktvcom.lol
content-length: 11
date: Thu, 30 Apr 2026 07:29:53 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match

POST
H/1.1 200
OK / Show response
hb.bumlam.com/yandex/ 11 B
269 B 191ms
188ms XHR
application/json 31.172.81.160
DE-FIRSTCOLO firs...

General

Check archive.org

Download Go to

Full URL: https://hb.bumlam.com/yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

Access-Control-Allow-Origin: https://s1.turoktvcom.lol
Content-Length: 11
Date: Thu, 30 Apr 2026 07:29:53 GMT
Content-Type: application/json; charset=utf-8
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
292 B 97ms
93ms XHR
application/json 188.42.189.231
Servers.com

General

Check archive.org

Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM - Servers.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://s1.turoktvcom.lol/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://s1.turoktvcom.lol
content-encoding: gzip
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true

GET v2
yandex.ru/ads/adfox/389280/getBulk/ 0
0

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/389280/getBulk/ 171 B
331 B 268ms
267ms XHR
application/json 77.88.55.88
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.ru/ads/adfox/389280/getBulk/v2?pr=4177928059&pr1=3619566110&dl=https%3A%2F%2Fturoktvcom.lol&prr=&extid_loader=MTc3NzUzNDE4ODQyNDcyMDYwMQ%3D%3D&extid_tag_loader=s1.turoktvcom.lol&fa=&date=2026-04-30T07%3A29%3A53.469%2B00%3A00&pd=30&pw=4&pv=7&pdw=1600&pdh=1200&ylv=0.1304851&ybv=0.1304851&ytt=151182848819205&is-turbo=0&skip-token=&ad-session-id=503341777534188569&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A273%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A600%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1051%2C%22top%22%3A1200%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&pcode-version=1304851&yaru=true&p2=jifh&pp=bwdx&ps=mkqd&ld=https%3A%2F%2Fturoktvcom.lol&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6Im90bSIsImNhbXBhaWduX2lkIjoxNjk4MDIyLCJyZXNwb25zZV90aW1lIjoyNzgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxNDk2NDQifSx7ImJpZGRlck5hbWUiOiJzYXBlIiwiY2FtcGFpZ25faWQiOjE2OTgwMjUsInJlc3BvbnNlX3RpbWUiOjE0MiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEwNjczNDcifSx7ImJpZGRlck5hbWUiOiJzb2x0YSIsImNhbXBhaWduX2lkIjoyNzI0MTM4LCJyZXNwb25zZV90aW1lIjoxMzAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2Ny1HbDJTZCJ9LHsiYmlkZGVyTmFtZSI6ImFkcml2ZXIiLCJjYW1wYWlnbl9pZCI6MTY5ODAyNCwicmVzcG9uc2VfdGltZSI6MTMxLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiOTk6dHVyb2t0dmNvbS5sb2xfMzAweDYwMF9EX1NpZGViYXJfMSJ9LHsiYmlkZGVyTmFtZSI6ImFsZmFzZW5zZSIsImNhbXBhaWduX2lkIjozMTcwNTE0LCJyZXNwb25zZV90aW1lIjoxMjQsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiIxMjIzODgifSx7ImJpZGRlck5hbWUiOiJhc3RyYWxhYiIsImNhbXBhaWduX2lkIjoyMjkyOTEwLCJyZXNwb25zZV90aW1lIjoxMzIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2OWQ4ZDg5YmU4ODFjYzE3YWQyMjFiZWIifSx7ImJpZGRlck5hbWUiOiJidXp6b29sYSIsImNhbXBhaWduX2lkIjoxNjk4MDIwLCJyZXNwb25zZV90aW1lIjoxNDAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzIwNTc0In0seyJiaWRkZXJOYW1lIjoibWVkaWFzbmlwZXIiLCJjYW1wYWlnbl9pZCI6Mjg4MDU0OSwicmVzcG9uc2VfdGltZSI6MTk0LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNDA2ODEifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjoxNjk4MDE3LCJyZXNwb25zZV90aW1lIjoxMDEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI0ODg5ODkzIn1d&utf8=%E2%9C%93&duid=MTc3NzUzNDE4ODQyNDcyMDYwMQ%3D%3D&pcode-test-ids=1387855%2C0%2C35%3B1520060%2C0%2C87%3B1519498%2C0%2C18%3B1539372%2C0%2C76%3B1471934%2C0%2C50%3B1534006%2C0%2C85%3B1538641%2C0%2C18%3B1549206%2C0%2C98%3B1513556%2C0%2C46%3B1543959%2C0%2C49%3B1545953%2C0%2C6%3B1551119%2C0%2C58%3B1503322%2C0%2C28%3B1485712%2C0%2C83%3B1536911%2C0%2C50%3B1534168%2C0%2C89%3B1513551%2C0%2C79%3B1556135%2C0%2C79%3B1550660%2C0%2C81%3B1533445%2C0%2C43%3B912286%2C0%2C36%3B1533436%2C0%2C93&csrf-token=7e69487f088889682567257ba16d1a579390d7b5%3A1777534187&pcode-uid=7151346401777534187&pcode-flags-map=eJyFllGP4yYUhf9LnkcrMGCD34i5dtAQ8AJ2Jq2qq9nd2VbqaFt1p1Wr1fz3leM0rTNS%2FBQlgo%2FLuece8m1z1KlPWW8djBA39Y%2FfNn89Pv%2F5tKk39J0s5DvKlGSbu83L09cX%2B2n6WQiqSrp5%2FeluM%2BqE82YcISYb%2FJLACC1ludjNeMWFvOx2ocMm%2BAw%2BoxmizjZ47CE24POStaQUFSmLE8XYdCrAQMoxHBEeMkSvHTYRdLYjoDY4JIjYuJAAYbxGP%2F39%2BwLOuSoqsXm9W1lSXG4RodGuGZzOgBHeD5Ay7iHvgsE2RDxE3fcQcYju9sGCCC5O1PcRt0439%2Bhsytg4OwlkTVpqQlTBpOKilrKqioKSmhFFyoKUoqZEcF4qIWtGVamqUrCaEU5JwQirlaKcEFHVlBJCaVGRmlFJOSmraRktCJEFrSnhhHOhipoVlBVcXnmBV5QUsxe0MWj3ugPstHMQj2g9ehhimFpjO3%2F76pIqwv8FWd%2Fh9DG5QTvsddR7yBDTSU5jU452O%2BRrv72FlkrJ242clszngj%2F5qI%2BwtQbNYM1NuCBSqblZQwJMU9t9ttqhC9pMpptqTfe2xxzu4XalgjImycVP7XRfnEzjDY7WQMDkQsYc0IT9bRLjlMlLWVnHDjJGaGfpHPZNMLCOqG4gRp3WAeUJ0IGHqB2mHHWG7ogHm3cYet3YfFxAPj8%2BP394%2FPgr%2Fvbl%2BZ8ljlNK1QnX2gc8WG%2FCAX0I%2FQS%2FXQkX1TknHGjThrhPOGpnzTSq%2FS74FSm4qPh89Em3lbTjkpOrrOTqnHZne6UcQe%2FPTT3ANqSCUIkjW7A%2BvjxfK0pIeWmJPwdbzrrZYdppEw4rHZEln%2Bc0pR732jqMw7mK1rq8qqMqzueb1M%2Bu7kOyb0bwTeGUCTFv7HVMMNsPrW8DWp%2FDOSGa4Fvb4cgXsJfHP35%2BerkqhCmh%2FsdLu2j9PU7GSPYHwBSG2Kw19cIII0Snj6h7hId%2B6cev105Qgs2dTAl8c3px7nPosXUhRNTmthDiYuJpwqdn9yw%2F%2BM56mL5ovZI4jBWzmXe6762HlDANcYQj2uaqEb88fvl0lXSiosXiAvuwtQ6wTSveKxWdvdMOzqUmAnhMKeIOtIGI3UpQMk5LufROaNsEy1f48wek5K136H%2FD9%2BYPyjRwgl7JXFI2pfLrd5emhcM%3D&pcode-icookie=2kvauwxAdYLezKvtMPy7K67PHnKhemKM6waj0iKWKJXsKpe6KJo%2FdSf8FRITj6%2BQix1MWvzQRNdrJknuwI9r55tGQqI%3D&disable-base64=1&top-ancestor=https%3A%2F%2Fs1.turoktvcom.lol&top-ancestor-undetermined=0&tga-with-creatives=1&banner-lang=ru&grab-orig-len=4224&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChKkpIzsJu4B1NiBuU3T8_TWHisRGdJkJVV7G4q0J_wpnbR1y5nesG06kjT5-HilrU859IY2NKk2TfucptwAemZAb6BtEVAw5jKXmdvsu2qiuuopmovRIoIFDYpgWU-VUFDS6qlSHTWtPtEmlCltCCmQBvJQEAIdSCuA5DBqSBjyQnFAGgprGNcQe0FiB9IQJyBentFhBGRnLAzgLcN44MsWtHzBSZYjaQ2jUFID-fKVLdCCpZ5fA-IQwrIRDE285Y-znHDDCMh6hl5cT5EmuqrRUaQoGalTBY1Sq0q0ag1jpVFrklSToGQMARKKly3EBRSG_N5vVzwhZGG8gMKlKm4i8qSz-iddyAE-kJUVZUPAMK4zUw35uyrEU_uJF9SONsORBSTDWzbcounyThbNIJydD-C7Oz_cqsFoQFdDvAUjmmXZddpUQwAv1fKFM73C_aIh_i4ur6FoYUhCPvraLHcs0XBGX8-Bv0BGbz7c3V9WVp6ux0sq2dDOCSTHWksv3OEX4m_TF0tEnwvnDRcXBt337dYsQFqaPZR2H4Q7t9zHeWGIa2JkcGMVkhQh8GoltcKDW-zavSOJXUDhThFDWGKkO_K5s666ph3-x-cFcKaOp3uS7vlnHLqdGOItrxmdodMZuZoaYaWh1CkUKBlBUDDS6qm1iAv08E-VtHpdBoJSjVRdNWrglTrV8lOodBpaFIAGLEiARwEoPcNBggIS4A7Hw95MrabQaTWMtCaQQQK5cNQz6E545tjEmpEnmjqAICjMy2wYh0TT3ql8PcOXZci7km8yUGq9O-poEi3idFkD7KOJn-bEJ5Zh-J0PbQjZnSpTM_a8Bd0jLtAMQyK3zVbQrklVahU5pU5p1iYphfnRvuo0Wgq_eyGMV9vsK9yNJu2EebAhpsGCI-kEr6OIKTRBfUXFoWDqUvxklTCFcOiLt9hdQI8tuBPkJktEzOjtqz3afBQ-0TZQ4k8O1Fz2QwBTyII0ZHWSyCaxmEB8F4VooeB2ys-kvK0DEqYQC9RgQN2CET5uwpmAyxTCgV3chbD4TvKQuGX4cLlEdQOZMax75rqkjHu61xe89PjMSNZ_a7DbQoLHZtHDnASsdxTYpUlu3nwaZwKPCTUDzLZ4XQD-XPlZYIKEHfFsoJoUhZY65S6dlx9Y63uXTMIlHM5c3HnaUQDLuYOXqUaHuPd5SOLVX8aoP3Jh6PvUmVzYwbP5b62236Kno_P4OI_DhcHJy4DaaMkLoLYnd-NYYYfGivS-dvt7Fwv3oRcOVgTDHK_6JyconOisOBGdU1SiRx7Jkgs07unbgNpc0KC24vI4wv-DWnfh99fJ4f6DAesY2D5HfOwldeIgYFIFELSA0PqjW_YL1FSjBVWr1CGh0GVOFrgp7w3qDPE_JfZxBXTLVoGGOEVBrkSS-4vOkgrCvzb-QsF_8Qqb_MLQyH4D0JAhS5O8g-UKu7waCT0qVMbMz6o8Cd2WeeFiMLDFV5tIbpdQkNdXzt_-RWqD0X1m3DngZqFMadQUFKmG-mH4wZiRs8Ipzlnh-dnxP4r8tu8ayd6wCw5UQD7utmEdbdEJx3C-Bc06Wjk6TXCrDecZG91qL0ZpR0qyiSYLJ7btjYOimdpMmSZJqpxnwrG8_wXGyp3zoCNPqNTnNZu37T2ZtX97g5vId44eRtS6ZBPPiMpEbzQZ0FqRnqSIkqpdY3QXRjZj8SYi9scX77WbO7yufcyDaZy75Gs3KCCZprdFAvcmyJoskKbdY1beIezhi-8T4uUhmwf7zAJqYAcIahsao60PgGuipXtQNyIF8PrHPexMyXmt1_aS9p6mxDf2_ox5GC7xXZijB-iMpm0AePeAwNO9qPTDYxo9usyF3f62orx4y5iLzfFYSkXlfmNGNvfj57Adz02GPZ-wAzi39RGEEiBa9AkYn_1-LJ89lj99-fhjS7FNUiiLKVHW1pcU5dC-2-Dew2FIVPzKMBPkyKdIlGoN0vafDa5wKWZvn4gSzSxfKzJEZnpXaEaqVJOrQFSkSm2q8NxTv6XQSticLky9LK5tSUAdJe03g-t9Wx77wEGPhnzDI2qD3_WpS89CD27gtBHhvUurxMF_Uzp0YGdRGMcHYdaJ4mXnjoXt0BjB0nown6sTJIG7ovQ-DQsboqUHSxtaphIWsIfdguxsfWdWpDRJWXDG9uT0eOnODjwsqrPouOosh56RnT6PxWIJ1fvP6D3hA1dTVQozpVaDhNGO9XVnCwFIch1lUUpf7Xp9XeQgisrgZcOJlVADWNfTi_PIV66QDq16BiqDA_sx6wqQr7GH0KYB0KNzwvi7EN1-E7ZmdYs0xvjLEOSnVD2qfYzfFcnN6MmZCMN3ZuP4XKSizRIXdH2yfMsxxfz0RiP9f9-6fRKM3xDCova-_iBr3TDDKtBvdw4iowTjrwTlKKWDrlVKJb5znoPVKbYuSILRk0z-sB2PkY8J3NzV-3OQZbWE70aPm7CNC6RakJelv7yvAIw_qx1iJGZYBVqx2nEekyUlwGFsT1CQ31ivhVydJOo9DrqBraxapBq1MjUrUso9Hoy-XfSl8ebR7BEu6AfCUUC76KLV06SaZNB1XCooHa2hmNXoCgRdgUBbINAUCNALBOoCgapA0BsP3mNz7zYgpoh2N5PJ5CWXvrfNe7PWxLsU8tst-iw4bSFs7UUtOHLaAjHIW5LOKlZm-pKuVxU0cV-Euxa1vOjU4I2Y9cDzyr0v7fwf9cX-ls6OuPpBx-pOe5iVVLL4gt0Li1d24ZCQN1WWXW4tfwsxOySC-QVOkQdvPSp_XF4gRT_D9xS3JxcmcaONDMo57ugG_1tPLkmeIozRtzYPfkGgJD0ErLFMrjNd67aljiUzsNeDxqfmot_Yn741cfEOB2WIdWL40kVWN-8sBZUzCuyln0dGeheDdYUXcT2ajxdd-CLbfBdqa4HZkskelNuWYXXLFNvpJC4-3Y4R57GcdNgFsJcsOGGE3lp8eGjw1z-x_IcYvNa2ip4NB71thtnqo6WQl3UlOJnOlhA-afLbiUM1r9HxJpjbKxa7uCEc26e0pz3HHohXdb7CPfkPq_Uml7MuornmgW6KRSNjvFDEE2m_xNCVi_eSsxm3roM5XfdWBTNKtpjf6ehuSPhalbdA6MQevE7T3l1inUvDrBsdbUbvKi-mofF6OEmpfWkt-ibRf2v8QB2VOZ4yvOcc_jQe-yY7N1kkNi3jSq-Kj5Awag_pJNLCfmFMTPeIqMYtUIk3jz0XTJzRhLIAaWujLiApfyIR5xbZLzr4en3D1qudgGeWDR-i5H_PcaPcd7LGGUWdV9qUs-qECN6VpeUVxxHPL7GdGzORUHoKxQULX67Y7_Uj6yOxRcsvG3jCRe0MG8mdY5qsyXDhudjZQ7_ghItbxN6emSqnjrRVxv4qbuk823K0iLSsNJvrxlTz20ffbCFGWf-6vAKNx3Cnv0Zw1GSSweE-4qr58aJHeBI_S9pqx_vijz6-PFtZg1uBHOKHbhTi-hTntZNdDo--k49Db2eVL5vXhW-XAOOoFvsBvhvcNwsm6Y4xj-SyVq-6w2ovhT8-rcvfE2cnF4o563BON70n1mB3hk3Llwyitk2H3hmYnwWvApIssZYrXpK9_iSyKEff2BV_Wzhr5mjyAmK3qNlrrQ_9ICeWx-h45d7PL-T4_Dy7LGCbJqZ6gVqeO8C1hysosPkzlyidRb3ehJYBjsr3n_RkVSXOgrZJkiN2eVPkdIvLo-ZqSvpCx2WnDIwX3woyZW7-W_yz3Onj7N9LkQgA-36jgxvQ4599lcnc3jMV3bQuPjiuX_Lo24ddamketXTW79vKe2EMfvgPc1jdbeUvK8jDxbXFZSckbUIWpDoWB8-LC_-r70Z2LzNmdMc6_Sm3-hIm_HzKiwTP9HAe8SdteRqcPqq9oeS_VOgjiQ1Aq2vXqFveY_e5oVs4t643nNc9biNuyVtaxNajB7DvEfjO-5QHjT8L__6_5PHGrR8Q7PGVQwh7d2-qN9u9RdMwOhrZOVVWqNgsrH7nvh6Xbn9fy3XiTfU90vvriYv1b4W9F8Dgvqh-93dS8bWvnegk-UrVDiZtgrYCtZ2jwwZEplbfuvOgYR6umUatQqjUIqVKaiNZguKDMBgNaOrYOwQvUXF_o4IVEm5uedBBM8HgL6YMRuwRjNgjGLFHzCf2CEb20VZ1OQBiegBo9wBgTwD-

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS