turtella.ru Open in urlscan Pro
34.120.78.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://turtella.ru/
Effective URL:
https://turtella.ru/main
Submission: On August 16 via manual (August 16th 2023, 10:27:46 am UTC) from GB — Scanned from GB

Summary HTTP 171 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 15 domains to perform 171 HTTP transactions. The main IP is 34.120.78.78, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is turtella.ru.
TLS certificate: Issued by GTS CA 1D4 on July 15th 2023. Valid for: 3 months.

This is the only time turtella.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	34.120.78.78 34.120.78.78	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
22	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
14	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
18	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1	95.182.108.142 95.182.108.142	213220 (DATA-CHEA...) (DATA-CHEAP-AS)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
7	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6 19	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
12	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2800:3f0:4004... 2800:3f0:4004:806::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.13.156 142.250.13.156	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:11::6	15169 (GOOGLE) (GOOGLE)
171	26

3 34.120.78.78 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.78.120.34.bc.googleusercontent.com

turtella.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

core.turtella.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

st.turtella.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.182.108.142 (Moscow, Russian Federation)

ASN213220 (DATA-CHEAP-AS, RU)

click.topturizm.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2800:3f0:4004:806::2003 (Argentina)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.13.156 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:11::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lznez.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	754 KB
39	turtella.ru 2 redirects turtella.ru core.turtella.ru st.turtella.ru	267 KB
21	gstatic.com www.gstatic.com fonts.gstatic.com p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com csi.gstatic.com	470 KB
20	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 bid.g.doubleclick.net — Cisco Umbrella Rank: 1014	299 KB
13	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	601 B
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73 ajax.googleapis.com — Cisco Umbrella Rank: 424 imasdk.googleapis.com — Cisco Umbrella Rank: 600	232 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 10691	3 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	339 KB
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 mts0.google.com — Cisco Umbrella Rank: 4390	189 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1319 r1---sn-4g5lznez.c.2mdn.net	2 MB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3768	60 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 10788	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2102	242 B
1	topturizm.ru click.topturizm.ru	1022 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	81 KB
171	15

	Domain	Requested by
37	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
22	core.turtella.ru	turtella.ru core.turtella.ru
19	googleads.g.doubleclick.net	6 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	turtella.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	st.turtella.ru	turtella.ru
12	www.googleadservices.com	turtella.ru googleads.g.doubleclick.net
8	www.gstatic.com	www.google.com googleads.g.doubleclick.net
7	mc.yandex.com	3 redirects turtella.ru
7	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	turtella.ru googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	www.google.com	2 redirects turtella.ru tpc.googlesyndication.com
3	mc.yandex.ru	2 redirects turtella.ru
3	turtella.ru	2 redirects
2	r1---sn-4g5lznez.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com
2	mts0.google.com	googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects turtella.ru
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	click.topturizm.ru	turtella.ru
1	www.googletagmanager.com	turtella.ru
1	ajax.googleapis.com	turtella.ru
171	27

This site contains links to these domains. Also see Links.

Domain
pogoda.turtella.ru
ex.turtella.ru
worldseatemp.com
planeta.turtella.ru
gid.turtella.ru
skystats.ru
www.liveinternet.ru
topturizm.ru

Subject Issuer	Validity	Valid
turtella.ru GTS CA 1D4	`2023-07-15` - `2023-10-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
1504702193.rsc.cdn77.org R3	`2023-06-10` - `2023-09-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
1541028189.rsc.cdn77.org R3	`2023-06-17` - `2023-09-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
click.topturizm.ru R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-08` - `2023-10-17`	2 months	crt.sh

This page contains 23 frames:

Primary Page: https://turtella.ru/main
Frame ID: 66F6AB8838096F0EAD4EF8A55F585245
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html
Frame ID: E9CD1452CF2C806BADD30E6210348FED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&adk=264356386&adf=4279258763&lmt=1692178062&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fturtella.ru%2Fmain&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662081&bpp=3&bdt=816&idt=239&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8467847889206&frm=20&pv=2&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=261
Frame ID: 578B1149C3CD151F86F20A09CF1A9AF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=280&slotname=3497672943&adk=286206994&adf=3413030609&pi=t.ma~as.3497672943&w=748&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=748x280&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662084&bpp=2&bdt=820&idt=263&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=371&ady=1688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GYs1I5CK7K&p=https%3A//turtella.ru&dtd=267
Frame ID: F827DE35514D9DBEE5BA2625BE71D047
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=280&slotname=2184591276&adk=1776695755&adf=4290593704&pi=t.ma~as.2184591276&w=748&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=748x280&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662086&bpp=1&bdt=821&idt=272&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=371&ady=3035&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=KL6Y46oDG8&p=https%3A//turtella.ru&dtd=276
Frame ID: EF984EE2401D848ECF3E9BA58CC696AE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=600&slotname=4810754619&adk=413430865&adf=162054646&pi=t.ma~as.4810754619&w=300&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=300x600&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662087&bpp=1&bdt=823&idt=279&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C748x280&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hU6tgqwqkb&p=https%3A//turtella.ru&dtd=282
Frame ID: D57D98951A2B8BE513853B870D2B31C6
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=600&slotname=6289888493&adk=1066094053&adf=3154994636&pi=t.ma~as.6289888493&w=300&lmt=1692178062&format=300x600&url=https%3A%2F%2Fturtella.ru%2Fmain&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662087&bpp=1&bdt=823&idt=288&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C748x280%2C300x600&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=1187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HL58TzO9FB&p=https%3A//turtella.ru&dtd=291
Frame ID: 9E05F440CB176A98F8294ED37EDBEEE2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=600&slotname=3170369883&adk=4089991135&adf=464485730&pi=t.ma~as.3170369883&w=300&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=300x600&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662087&bpp=1&bdt=823&idt=294&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C748x280%2C300x600%2C300x600&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aoDaJTy5pA&p=https%3A//turtella.ru&dtd=296
Frame ID: CDBA0AC5647CDBAF938B5C2B1ED98076
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 245D38895B905D69DEFD1D2056EC1E3B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: A92D7735E789F4399DEBF54B95AC2504
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: 2A3060008D9EFCD406BDAF38F681C69F
Requests: 1 HTTP requests in this frame

Frame: https://p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: CD7C5A285F438FE8FE0441FEAFEEBE4A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8DFB4EB18E76D06722EB7DE3FF353455
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Frame ID: 41A128599B6905705BC28C67E857FB9B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 46A8B212E13D5F617EF13F3837868B07
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js
Frame ID: 052A058F35A4536B231B31DDB20A620C
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: CFE19E10E03E31712DCBC7997E3FE896
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: A0BD64BD98A22FD48D57D403E4425B32
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: DB27666550347D57D71F67C485B886B1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: A428F65348D55EDEB196DBEEB95322D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4BB0EFC77EDAEBC816A68441E5E869DD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E4B9FBB0CC2D9D111F6CB247184F8C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4BFAE13E6F523252581A659A83AE6C26
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Отзывы об отелях и рассказы туристов

Page URL History Show full URLs

http://turtella.ru/ HTTP 301
https://turtella.ru/ HTTP 302
https://turtella.ru/main Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

171
Requests

94 %
HTTPS

77 %
IPv6

15
Domains

27
Subdomains

26
IPs

4
Countries

4866 kB
Transfer

8238 kB
Size

20
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://pogoda.turtella.ru/
Title: погода на курортах

Search URL Search Domain Scan URL

URL: https://ex.turtella.ru/
Title: Экскурсии

Search URL Search Domain Scan URL

URL: http://worldseatemp.com/ru/
Title: температура воды в море

Search URL Search Domain Scan URL

URL: https://planeta.turtella.ru/
Title: достопримечательности

Search URL Search Domain Scan URL

URL: https://gid.turtella.ru/
Title: путеводители

Search URL Search Domain Scan URL

URL: https://skystats.ru/
Title: авиарейсы

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://topturizm.ru/?13538

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://turtella.ru/ HTTP 301
https://turtella.ru/ HTTP 302
https://turtella.ru/main Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://counter.yadro.ru/hit?t57.6;r;s1600*1200*24;uhttps%3A//turtella.ru/main;0.8653468604884322 HTTP 302
https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttps%3A//turtella.ru/main;0.8653468604884322

Request Chain 50

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10097.d2mzlWA_F1dOP73twM-KTjBQfrLVAO-kROYF_kg1HPvJRfF6P1yTyRbYow2z1G9r.gtUCgwpL-GGXNwup9UuXiRpXT4o%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10097.miQqXWU_X9y5-ncWFu363O6LS9IGVax3YCcVPNKP8FBk9UH53TL5rb_YeYUNRNvC3wCmJlMYrfjLSDfzCBBcGkinJrpb34AtnYIYEnCc2H8%2C.2490lNcDu-9JTLMgPyzMzHpacqI%2C

Request Chain 59

https://mc.yandex.com/watch/81638?wmode=7&page-url=https%3A%2F%2Fturtella.ru%2Fmain&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afp%3A1013%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1651536629776%3Ahid%3A149605753%3Az%3A60%3Ai%3A20230816112742%3Aet%3A1692181662%3Ac%3A1%3Arn%3A759970487%3Arqn%3A1%3Au%3A1692181662736448193%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C221%2C9%2C310%2C0%2C%2C462%2C4%2C%2C%2C%2C1003%3Aco%3A0%3Acpf%3A1%3Ans%3A1692181660729%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692181663%3At%3A%D0%9E%D1%82%D0%B7%D1%8B%D0%B2%D1%8B%20%D0%BE%D0%B1%20%D0%BE%D1%82%D0%B5%D0%BB%D1%8F%D1%85%20%D0%B8%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D1%8B%20%D1%82%D1%83%D1%80%D0%B8%D1%81%D1%82%D0%BE%D0%B2&t=clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/81638/1?wmode=7&page-url=https%3A%2F%2Fturtella.ru%2Fmain&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afp%3A1013%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1651536629776%3Ahid%3A149605753%3Az%3A60%3Ai%3A20230816112742%3Aet%3A1692181662%3Ac%3A1%3Arn%3A759970487%3Arqn%3A1%3Au%3A1692181662736448193%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C221%2C9%2C310%2C0%2C%2C462%2C4%2C%2C%2C%2C1003%3Aco%3A0%3Acpf%3A1%3Ans%3A1692181660729%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692181663%3At%3A%D0%9E%D1%82%D0%B7%D1%8B%D0%B2%D1%8B%20%D0%BE%D0%B1%20%D0%BE%D1%82%D0%B5%D0%BB%D1%8F%D1%85%20%D0%B8%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D1%8B%20%D1%82%D1%83%D1%80%D0%B8%D1%81%D1%82%D0%BE%D0%B2&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Request Chain 60

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10097.vAR1aIDWohEx4OpXDCbeKTKESpjw02QyqMc6WnWyWYQTgQQAXRcemjgYxMdV5xGb.Y8_CsrZsT1dlduhYa13bpVGGZOM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10097.wfsrXEsSKOn6hYMaSyX0zsIn_ugBpUrttUW4_elq0uKknXSA7lTThxx-e-9IOT3VOH-ZxwczjtUST8t4EmoPdlf4UFvxk4ObrWFvD-33F2k%2C.H1Ne2ZCfhJ43Ss8QXDEfu5gORH8%2C

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://googleads.g.doubleclick.net/pagead/adview?ai=C4UEmnqTcZK_0Gar2mLAPyfmT4APE7_urcvOj4Yj0EfuEycjoBRABIMSFqhtgu76ug9AKoAGoqpLHA8gBA6kCr3MxWeNMtT6oAwHIA8kEqgTGAU_QAKd1x8WYnyohMW7XEtUVNKF1tHyun_N1MqSx6tqx18gWaoQuB9O-DCSixHKHW0MQvAQeVz7uGkFiiC2DT5po-i3u-mwAJdd813n5OncjVYmBOqhAOXFHrzmi1z_9hg3RNLN5tCRuDFyLsadwRRPI0DqL9zT7XXuxAz1BPcGPuhIlXNKoN-48rXh4M6rL1c2AaCEuXOA2DFb0fISY-NBQOYs_1U-d7SzFC7eIp-4JTYttnibllZ1S3ezZHWBjnUFcJtD1ccAEuOmG0M0EkgUECAQYAZIFBAgFGASgBgOAB8DV7TioB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD81gbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkgaHR0cHM6Ly93d3cuYmwudWsvZXZlbnRzL2FuaW1hbHOACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjUyNzIzMTIxNDE0NzM3ORgA&sigh=Hf5QqNKSGk8&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWTjtECYBKR-IdBhaVe4Sb5DUUWcn7dhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223236974928637288041%22,%22debug_reporting%22:true,%22destination%22:%22https://bl.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954504488%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210918649680503983329%22}&andc=true

Request Chain 115

https://googleads.g.doubleclick.net/pagead/adview?ai=CeI6-nqTcZOH0GIGz1wbIzIjwDMH03YJxtNa0kcwQ5-Le7fcKEAEgxIWqG2C7vq6D0AqgAbPpge8CyAEJqQIL3hSwklCyPqgDAcgDywSqBMgBT9BZEpPnLPaTTuDvVXYj9G0mvk0-M2qTT0dlwXFLbCcXij1OBduHVeIFV_OIvDg5ZEWcFWCN_1XabAx0Hg6EQ0Yf-aS1yf-NHxfNX8syatLyauBiHwlcVGPYKKpmIAaQg654oSrxddhREkhuD_HeYpVvYxn5ntk4wCH7mdpuLvSNJVh7MmToayy8zNkLc1MQja7h21uHdmblyHUR2X7Smojlcxk90UgA3D0JWjtE6fu8eUh0q8OyBEKR6CGHDcSLe_KBZUZs4ivABNS4xOGHBJIFBAgEGAGSBQQIBRgEoAYugAe1lv6QAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMiwD9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCR5odHRwczovL3d3dy5yZXdhcmRjYXRlcmluZy5pZS-ACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItMjUyNzIzMTIxNDE0NzM3ORgA&sigh=XU2UoKpsHEo&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW_H-AdrDl137lmvm-NstKMQwF6ecBjRgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211117478486223357211%22,%22debug_reporting%22:true,%22destination%22:%22https://rewardcatering.ie%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22769684659%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213224021392632377393%22}&andc=true

Request Chain 124

https://googleads.g.doubleclick.net/pagead/adview?ai=C84FvnqTcZPKSGp7gmLAPq764sAnSkvb_cOzE2umiEKjrwpGVORABIMSFqhtgu76ug9AKoAHJkKzYAsgBAakCzZ7FXaVTsj6oAwHIA8sEqgTVAU_QMP5yD6PIEQQVE9-G5-cW3SsfZRLu_WYnxZV5C9OGDyw-fL28eQNjuXwfLMDOb1My59tGgYfhFN-XbYiUBygokSaSKqC3COC8ph3PShueD-V70FNd7ShMb1zEf9f0nlokEkwE5eEqsVpngLaTQqlfcZzxQ3yhpyj75uLI7xS3PMBr9x1cnra2zf4K5fqIgeSjfb1uruEo1x0CV4E1vy6xx_9XAJfEL59aMMp-cj4E6HgZThOW-YV3lsV73e1ZXFtUAP3Tpozd7hbVvFceX7QxiTeQl8AElq_E7v0DkgUECAQYAZIFBAgFGASgBgKAB5_v06cBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqZYL0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJFGh0dHBzOi8vb3JkaXQuY28udWsvgAoByAsB2BMOiBQC0BUBmBYBgBcBshccChoIABIUcHViLTI1MjcyMzEyMTQxNDczNzkYAA&sigh=mDrPOpfMqVw&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWn4Wyrm8G8m3MXpTqJBprVCUYEa5MJxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211961798651616528139%22,%22debug_reporting%22:true,%22destination%22:%22https://ordit.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22722143305%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217731209883952144385%22}&andc=true

Request Chain 153

https://googleads.g.doubleclick.net/pagead/adview?ai=C_OHgnqTcZJyXGKebmLAPx-KZ8A2r-M2_cKvly9_pEYCOoZXlGhABIMSFqhtgu76ug9AKoAHziIWcKMgBCakCRaVr-aRftT6oAwHIA8sEqgTVAU_QkwufWfi1ypId4sw9FFuZZInBCgOd9ZVAl2O7vEkSG_hbciMgEeFimsXdLugBCxos_RAU3wIr478OylqS8FF6Z03fN2cQ2kmoqnoYUz3WlbTcGSjKRRLm1DXJP9IV6WioyZ60PuE2hkbrB78AYSwhyMgXzst8RJpfkeFYzdLeZFEz4SOuud55yRbQ9tUigyjACZpoyHlH1-h8EH1t8mRiSXolOlj3lt32dnGNQunUmikwKgSe5wM9C58NRZIv51fQkEcU7fUREC3j-AEB-9hUJmrracAEiaTJkbgEkgUECAQYAZIFBAgFGASgBi6AB_PA1fsCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnNQR0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJNWh0dHBzOi8vZjQ1dHJhaW5pbmcuY28udWsvdG93ZXJicmlkZ2UvaG9tZT9sYW5nPWVuLWdigAoByAsBuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi0yNTI3MjMxMjE0MTQ3Mzc5GAA&sigh=5htwiYf0Z34&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWEAc_aHf4prwkV4oWOaDeUuX2yr_tcxgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225129725221918730124%22,%22debug_reporting%22:true,%22destination%22:%22https://f45training.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210796221555%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227472588008838301985%22}&andc=true

Request Chain 154

https://googleads.g.doubleclick.net/pagead/adview?ai=C4Y6RnqTcZNbTGYXxmLAPy7qF0Ayr-M2_cKvly9_pEYCOoZXlGhABIMSFqhtgu76ug9AKoAHziIWcKMgBCakCRaVr-aRftT6oAwHIA8sEqgTVAU_QKDuvchnrkehgTJ7j1DTd2XSd_xiWzM6wzdCv3JVmyJP1dHh6Es0sEHyy1IGo-AmTchG3nD1CwolU-PgSIutbOdk__wtrdanxEtF3vyDmczgcKPMtDU8KlIrDCKxImxAd62FOxzlIQLcDravg5P1M0l7Rdja5HA1M4OU7KecPAfoSetLkrcSJ1mekkzPj34h3hMeEiDCSHtoYMIXZd5R4_JcuPf6kyn2hnlVrYgijGGIWbiVD4QrBDhrAA0WTqbm9u4dslqynQJZupX2sd4vOjpLBWcAEiaTJkbgEkgUECAQYAZIFBAgFGASgBi6AB_PA1fsCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQiYEj0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJNWh0dHBzOi8vZjQ1dHJhaW5pbmcuY28udWsvdG93ZXJicmlkZ2UvaG9tZT9sYW5nPWVuLWdigAoByAsBuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi0yNTI3MjMxMjE0MTQ3Mzc5GAA&sigh=FDR8XX41KnM&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWetw9AOJMuTprcaIJRtCzuyALAliCNxgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225927021111611191034%22,%22debug_reporting%22:true,%22destination%22:%22https://f45training.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210796221555%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227347501260230542897%22}&andc=true

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://googleads.g.doubleclick.net/pagead/adview?ai=C9onunqTcZNaYHIegi9YPhcuXyAyDwcDHccrjxeO4CPK8goHABRABIMSFqhtgu76ug9AKoAH6gP_5A8gBAakCZcwVCkBWtT6oAwHIA8sEqgTIAU_QGO1xsM-Q1v8ZejJho8HrofbGGDYm6MxubaWZBI8SzQADkrUaWYhBSuRWh86xVcR1ZPBjOLI7Wk7FWpztWghqsNftoEEemzFJNmd9U-0eroMRBQZCAM4kHsfjvKA1X1AKQUq9zMzigZH_DOYKmnhXQzHBretAoYjmmG4HYNftlnMQZ8tNLVWlnHS6W9ci_vtOoPzAAbS352PXX6h07pTEqmrhoikJi4LT2A6GM639EGwaMWfYwYPIgMvO3wsCbB-_4draZlJNwASz6LiljgKSBQQIBBgBkgUECAUYBIAH7v6ABqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEM75DtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCTtodHRwczovL3d3dy5pY2VsYW5kcHJvY3J1aXNlcy5jby51ay9wYWdlcy9jcnVpc2VzLTIwMjMuaHRtbIAKAcgLAdgTDYgUBtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNTI3MjMxMjE0MTQ3Mzc5GAA&sigh=CAtOxeNXRl4&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWK0uY9i2Xq2FM15UAoW9Dq-8ylXfFTRgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225426141839050149748%22,%22debug_reporting%22:true,%22destination%22:%22https://icelandprocruises.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221061142650%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214658181432565768385%22}&andc=true

Request Chain 171

https://gcdn.2mdn.net/videoplayback/id/fd2213d47f45cec6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723717664/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/28BE57C3326434357F5C19E4EB65026AE17E1F9A.53F8605BB93E80653D3D3A6FC66CBA5CD3F5A3F5/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/fd2213d47f45cec6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723717664/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/363CC3E99BA079308FDE4D731629F4E6E632F565.786C8C44FF1E187D6CFC26B31D75C47D802102E7/key/cms1/cms_redirect/yes/mh/Nc/mip/2a01:4a0:2c::3/mm/42/mn/sn-4g5lznez/ms/onc/mt/1692181301/mv/u/mvi/1/pl/48/file/file.mp4

171 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request main Show response
turtella.ru/
Redirect Chain

http://turtella.ru/
https://turtella.ru/
https://turtella.ru/main

39 KB
10 KB

221ms
220ms

Document
text/html

34.120.78.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.78.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 78.78.120.34.bc.googleusercontent.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: df4997605d5a23101bb83f31410df0d671df9427ff2a34a7ce394e724cf2be7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 16 Aug 2023 10:27:41 GMT
expires: Sat, 6 May 1995 12:00:00 GMT
pragma: no-cache
server: Apache/2.4.10 (Debian)
vary: Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
content-type: text/html; charset=iso-8859-1
date: Wed, 16 Aug 2023 10:27:41 GMT
location: https://turtella.ru/main
server: Apache/2.4.10 (Debian)
via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 177ms
62ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,cyrillic

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a573ed2d823eaa7761f76f04d52b8c3eb0d1e73d76a2d71c5b5a8479c4e1796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 10:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 09:41:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 10:27:41 GMT

GET
H2 200 main.css
core.turtella.ru/ 38 KB
8 KB 363ms
53ms Stylesheet
text/css 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://core.turtella.ru/main.css?version=5.17.1
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 66f1675b6efb26674cac8eee607be514b08589684826d14d75048a5971a7419d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
content-encoding: gzip
x-amz-request-id: 7N8PK61G0BYY1VDX
x-cache: HIT
x-77-cache: HIT
x-age: 4504539
x-accel-date: 1687677122
x-amz-id-2: c4pzb4e7XqKgRMliLDezSpDasWRD1RWpJFjicB+eny5/izkqBbuvMk1mvkOWRS9Vj2RnkUCiR7Y=
x-77-nzt: AcO1rydq29L/27tEAA
x-accel-expires: @1719234722
last-modified: Sat, 25 Jun 2022 00:39:21 GMT
server: CDN77-Turbo
etag: W/"dddc1d43bb0cc23cdd106125cb37b1be"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc64dda3f423
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7/ 93 KB
93 KB 167ms
53ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:36:20 GMT
x-content-type-options: nosniff
age: 305481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94840
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 21:36:20 GMT

GET
H2 200 blockUI.js Show response
core.turtella.ru/js/ 15 KB
6 KB 380ms
70ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://core.turtella.ru/js/blockUI.js
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 75eaf9775a697a655efb57549fb1cb14a1b9752e266bc177e89b5e612a1a2f4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
content-encoding: gzip
x-amz-request-id: V7C3GWTQM3CHFJ50
x-cache: HIT
x-77-cache: HIT
x-age: 1019978
x-accel-date: 1691161683
x-amz-id-2: KHCZKkLgpML3xmifDFaSYlUBoXO9vdT99oAHEVqeVQbEQtNx7LV+/QEjbbcuSHnjlJDY89+tKks=
x-77-nzt: AcO1rydynuD/SpAPAA
x-accel-expires: @1692198483
last-modified: Sun, 08 Jan 2017 06:01:38 GMT
server: CDN77-Turbo
etag: W/"7aba13653387274769b199aa3ca3f8d3"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc64d8230c24
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.bpopup.min.js Show response
core.turtella.ru/js/ 5 KB
2 KB 411ms
102ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://core.turtella.ru/js/jquery.bpopup.min.js
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 528885843a33c978d355be55c1d57337f34858ffb8fb6eecb7455d6c9d891113

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
content-encoding: gzip
x-amz-request-id: V7CA0B0FN7M3PZE7
x-cache: HIT
x-77-cache: HIT
x-age: 1019978
x-accel-date: 1691161683
x-amz-id-2: mFI9XbLXciDarldsN+/oxtBJ2zAyPDrGrf6yts1P5NIvExWc+sQArFgjZGF1v3UylUhySMGaIA8=
x-77-nzt: AcO1ryfYzHj/SpAPAA
x-accel-expires: @1692198483
last-modified: Sun, 08 Jan 2017 06:01:38 GMT
server: CDN77-Turbo
etag: W/"490cdea7b5ee7ffe6a7577a7e6a4076c"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc642b771724
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 functions.js Show response
core.turtella.ru/js/ 55 KB
13 KB 427ms
118ms Script
application/x-javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://core.turtella.ru/js/functions.js?version=5.17.1
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b99644c38763a03badb9641e2aa275d58fb0e9e686b93e8a11afd26196b744e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
content-encoding: gzip
x-amz-meta-jets3t-original-file-date-iso8601: 2018-02-19T04:14:06.474Z
x-amz-request-id: 7N8HYQG4K7ATKND2
x-cache: HIT
x-77-cache: HIT
x-amz-meta-md5-hash: ca2156b56b09b4298174f2b8e57b5929
x-age: 795581
x-accel-date: 1691386080
x-amz-id-2: afqwRNDrO9N69xMYlt2AebaIescKyXmbwzSlRFlENW0H0nnG+l2jl4SncvaPm9374KRrR7WhYL4=
x-77-nzt: AcO1rydQ3KT/vSMMAA
x-accel-expires: @1692422880
last-modified: Mon, 19 Feb 2018 04:14:24 GMT
server: CDN77-Turbo
etag: W/"ca2156b56b09b4298174f2b8e57b5929"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc64df611e24
vary: Accept-Encoding
content-type: application/x-javascript

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 220ms
102ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=ru

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fcae7eaed7f9674501a9b35fa826141d1a5075fd107af2a5a9830a9c6fd877a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Wed, 16 Aug 2023 10:27:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
81 KB 181ms
69ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S4KFHKCKS8

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbc50bb55ec251fad1a7c080d283608ece8685cee12527e2469c29eea733c4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82732
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 16 Aug 2023 10:27:41 GMT

GET
H2 200 logo.gif
core.turtella.ru/i/ 4 KB
4 KB 54ms
54ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/i/logo.gif
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 01bb42da92b50ab72f164ecd06dfdd2dbcae13a71cab5b2686775e74684f57ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: 9JDQR59H43695CCF
x-cache: HIT
x-77-cache: HIT
x-age: 1019978
x-accel-date: 1691161683
content-length: 4103
x-amz-id-2: +9mYAgqHg7GJy5EaEXArO69fq1pcCPstyBgb1eGoX8ZT2a02qltijQXqW93nLq2YQDOH0WzTs2M=
x-77-nzt: AcO1rydxrYn/SpAPAA
x-accel-expires: @1692198483
last-modified: Sun, 08 Jan 2017 06:00:54 GMT
server: CDN77-Turbo
etag: "8d5c87534331685ed54c40ca5db2690d"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc6489cf312b
content-type: image/gif
accept-ranges: bytes

GET
H2 200 srch-icon.gif
core.turtella.ru/i/ 2 KB
2 KB 112ms
109ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/i/srch-icon.gif
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 676318e1e48715cf21def311c8dc349ee2252ff47a7752bbd9287ef7ce7df416

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: ASHHWHCW0KKVVCR7
x-cache: HIT
x-77-cache: HIT
x-age: 73705
x-accel-date: 1692107956
content-length: 1641
x-amz-id-2: l3jJ1U6MZiFc3FNHW70CLqwnrkfJiMaFgu80/B46x+fIm56+bJZLdHbJm6DnuKIoLbUYitbdyrQ=
x-77-nzt: AcO1ryc+on3/6R8BAA
x-accel-expires: @1693144756
last-modified: Sun, 08 Jan 2017 06:00:54 GMT
server: CDN77-Turbo
etag: "8a87351052cab6b668ea85dc3001de11"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc641ba4072f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 icon-vk.gif
core.turtella.ru/i/ 2 KB
2 KB 113ms
109ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/i/icon-vk.gif
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3b6815257ca6d70623322a49c33b5da9fad28eb223ad5a13ae9a8cc6cedb2616

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: ABCY5NC4VRZ5080H
x-cache: HIT
x-77-cache: HIT
x-age: 683604
x-accel-date: 1691498057
content-length: 1794
x-amz-id-2: dOfXyPrIvZV1GPEP2fSFkSw4nuPKxWS3wBEi0a5Myp4s9gE/BalFfGauENpvnc2cViQXUSOmLHw=
x-77-nzt: AcO1rydvUMn/VG4KAA
x-accel-expires: @1692534857
last-modified: Sun, 08 Jan 2017 06:00:54 GMT
server: CDN77-Turbo
etag: "313a43d7ed29fd676b17a583ab7c577a"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc6408670d2f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 icon-ok.gif
core.turtella.ru/i/ 2 KB
2 KB 115ms
111ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/i/icon-ok.gif
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c4ff1b46d7ada0cbbb80e9bee8633c61b380bb2f46c9979fcc8b19df78ae33d5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: C926DDZANPE5VWFX
x-cache: HIT
x-77-cache: HIT
x-age: 1019978
x-accel-date: 1691161683
content-length: 1804
x-amz-id-2: rzZBEGU1YYa2cjntCqPSg9LNV2IMP0cwHofW/OlVC3sAnNRlmLf2aj2zs95A0iQEUastt2arOeA=
x-77-nzt: AcO1ryeYy33/SpAPAA
x-accel-expires: @1692198483
last-modified: Sun, 08 Jan 2017 06:00:54 GMT
server: CDN77-Turbo
etag: "6ffcef4bc4409b2e88b7aa1c5b12e6ce"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc648b56112f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 icon-mm.gif
core.turtella.ru/i/ 2 KB
2 KB 116ms
113ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/i/icon-mm.gif
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8d9e06db9e393c1eaf5c4c45ba1cf40bc1d99529cbc0fffed00e36dab91aaa49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: 7DXX353ZHH28P21V
x-cache: HIT
x-77-cache: HIT
x-age: 1019978
x-accel-date: 1691161683
content-length: 1968
x-amz-id-2: En8o3SJHGzWH5YG05aOHQbWAm+KF2VjiBqp1iQ8L34Z6CO3I/9UpmpUeuqx1lWZMRBI8coWsaCI=
x-77-nzt: AcO1rycWRMn/SpAPAA
x-accel-expires: @1692198483
last-modified: Sun, 08 Jan 2017 06:00:54 GMT
server: CDN77-Turbo
etag: "8504fcafc9b08a76e669b3f9ab8d43b6"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc64d747162f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 icon-fb.gif
core.turtella.ru/i/ 2 KB
2 KB 118ms
115ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/i/icon-fb.gif
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bfd9a264b48c9eb3119aebbf4b472151e8e109bc50ab2645adaac765177a0ada

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: 7DXWB8D46BWPAMNR
x-cache: HIT
x-77-cache: HIT
x-age: 1019978
x-accel-date: 1691161683
content-length: 1752
x-amz-id-2: v+985Ki23SzwMivSYnH/njyx5KCdjdU1ceAWpUyhAJ/goU9b8GsMMJOayNC5q8Q+uyIO4glXhKo=
x-77-nzt: AcO1ryerZOX/SpAPAA
x-accel-expires: @1692198483
last-modified: Sun, 08 Jan 2017 06:00:54 GMT
server: CDN77-Turbo
etag: "33f722dbf071e6d271077a98da8f1674"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc6499e01b2f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 star.png
core.turtella.ru/img/ 563 B
979 B 120ms
117ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/img/star.png
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a7ea96fa00a214a9b931bc7c6d21f1ffd82002485b74712198a62c23f4833dfe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: 68WB3488955Z32GE
x-cache: HIT
x-77-cache: HIT
x-age: 508329
x-accel-date: 1691673332
content-length: 563
x-amz-id-2: 7Dt0NZxrOji2miL4+V3XetzUl+KopzHh6NL8cXaQbVdpBoR8aoK1kgMu4iXrr4xmKOpGYgDzzLk=
x-77-nzt: AcO1ryfAZdL/qcEHAA
x-accel-expires: @1692710132
last-modified: Sun, 08 Jan 2017 06:01:05 GMT
server: CDN77-Turbo
etag: "d8eb06f0db8b1a5176365dbc6233bc58"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc642442202f
content-type: image/png
accept-ranges: bytes

GET
H2 200 star2.png
core.turtella.ru/img/ 632 B
1 KB 120ms
117ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/img/star2.png
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 22deba5695aed3c3cf5cbe9d704037399d26cdbebc35ef9398be378e93d67ac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: X056YQ4PFD2K7B27
x-cache: HIT
x-77-cache: HIT
x-age: 795953
x-accel-date: 1691385708
content-length: 632
x-amz-id-2: mgUcU1uLhLgKSbFJKBiovv7KUJ+z2/xxe8fCzmoNVRPSDvNJuBCProuXju7TYMdlgDSMX7gYBa4=
x-77-nzt: AcO1rydCHwH/MSUMAA
x-accel-expires: @1692422508
last-modified: Sun, 08 Jan 2017 06:01:05 GMT
server: CDN77-Turbo
etag: "96d250b0055c866f56844d16cd8ea424"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc642778242f
content-type: image/png
accept-ranges: bytes

GET
H2 200 star3.png
core.turtella.ru/img/ 714 B
1 KB 122ms
119ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/img/star3.png
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c627bfabf9b6d0e559a01747c1f95e5ce420d3fed0ece1589cff320e364589c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: B2C6R1CR4GN66A1D
x-cache: HIT
x-77-cache: HIT
x-age: 777617
x-accel-date: 1691404044
content-length: 714
x-amz-id-2: bPBHG2vrlXXPsMi4kcW4x/x9/8nFcXyKlCaweMOySTLNhWDZObbT3Jxjb1aNO6ufqtM/QDQRSfY=
x-77-nzt: AcO1ryfVjTP/kd0LAA
x-accel-expires: @1692440844
last-modified: Sun, 08 Jan 2017 06:01:05 GMT
server: CDN77-Turbo
etag: "933347b2f73c8a0bc6d0b7f744b2dfe7"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc641fab282f
content-type: image/png
accept-ranges: bytes

GET
H2 200 s152362.jpg
st.turtella.ru/photos/761/ 3 KB
4 KB 275ms
127ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/761/s152362.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fecd47dfc64dc422f69ce70511078c0735bad30736ef25bc6dc1bb1c3f5029bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: 2ENQS9Q2QZMB2HE5
x-cache: HIT
x-77-cache: HIT
x-age: 412747
x-accel-date: 1691768914
content-length: 3461
x-amz-id-2: UlEF7V9Pc63M9/C7FqJGDTNLSFJ6dS8a/WHwe44mqaBGZvbTFd77Ic9Bx7l5FzY4fvbwNGTPKfc=
x-77-nzt: AZySIYiFCs//S0wGAA
x-accel-expires: @1692805714
last-modified: Sun, 11 Dec 2022 00:42:03 GMT
server: CDN77-Turbo
etag: "7dc30a2318689e0260360493a1f12486"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc643e9f7834
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 s152354.jpg
st.turtella.ru/photos/761/ 5 KB
5 KB 311ms
164ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/761/s152354.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 10bb30e8ef3123dd33350652f4863a093fda2b702485a8df6bab4ff1342c42fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: 23XFXW3KYSDS86JF
x-cache: HIT
x-77-cache: HIT
x-age: 270634
x-accel-date: 1691911027
content-length: 4652
x-amz-id-2: d8tCruJjkMCmY2CfRSQpauNs8D5Cxy4g0AFnXJ0MIkETBZQmNthlKRrD/lAoU23TsiOZq4gLhns=
x-77-nzt: AZySIYhMSMb/KiEEAA
x-accel-expires: @1692947827
last-modified: Tue, 15 Nov 2022 19:18:06 GMT
server: CDN77-Turbo
etag: "9a8cc0577ee0cf674e57a29b99c129e1"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc648ed03037
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 s152241.jpg
st.turtella.ru/photos/761/ 5 KB
5 KB 312ms
164ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/761/s152241.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: be60d08e8109d66ecce232e07b378bad8ee4fe22b83e03a4d2d062ead7886dc1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: PT390GJ88YE8E4N7
x-cache: HIT
x-77-cache: HIT
x-age: 702800
x-accel-date: 1691478861
content-length: 5122
x-amz-id-2: e1pfAaGKDy/Z6Fx/TC0Kpcq9lYh5gZCfiw0WbsWIAVryecZYP/Q7dz6QZoPeyYqv69ug7bcuzBQ=
x-77-nzt: AZySIYjz/m//ULkKAA
x-accel-expires: @1692515661
last-modified: Thu, 02 Sep 2021 15:58:14 GMT
server: CDN77-Turbo
etag: "42d0300ee7bc0998827de203152bd433"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc641f533837
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 s152126.jpg
st.turtella.ru/photos/760/ 54 KB
54 KB 299ms
152ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/760/s152126.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f0db486317b3e43f2bf794b1fa79d3ea3eeab6bfd84ec09a24d3aa6023119898

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: JY7W895Y85W88NC8
x-cache: HIT
x-77-cache: HIT
x-age: 397284
x-accel-date: 1691784377
content-length: 54824
x-amz-id-2: MCezduGDLIJBsKTdwrspaY2xIsWs50i8J/eWgf3omPOFK4X43jNOlWG62V+UQ/WN4FUa9gauoO0=
x-77-nzt: AZySIYjkkoz/5A8GAA
x-accel-expires: @1692821177
last-modified: Sun, 18 Oct 2020 17:30:41 GMT
server: CDN77-Turbo
etag: "08f677d0a04726c54990b799a9d158e9"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc647f048234
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 s152119.jpg
st.turtella.ru/photos/760/ 5 KB
6 KB 312ms
165ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/760/s152119.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c1199b7078cf98e8ba10c17f6c5bb80bfea88238220deb9610dfa30515020c57

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: TB1RKKB20NWB6CZW
x-cache: HIT
x-77-cache: HIT
x-age: 772761
x-accel-date: 1691408900
content-length: 5455
x-amz-id-2: HnWA42rErj7k7EjX3ZO7Nuy09QcTEAqgkCHZjZjNi5gIq/GLqIuxTuWDBsV1sNWSe9GKVraVDEc=
x-77-nzt: AZySIYgVKjf/mcoLAA
x-accel-expires: @1692445700
last-modified: Thu, 03 Sep 2020 14:00:42 GMT
server: CDN77-Turbo
etag: "91141056383df57eecd4675b0bef6e86"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc64103c3f37
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 s152048.jpg
st.turtella.ru/photos/760/ 26 KB
27 KB 312ms
165ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/760/s152048.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dba53c45f5fb78811bd27bc86846a6646758adf3ab6d15f20bb746768640a13

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: T1P47MRES2FBVPRN
x-cache: HIT
x-77-cache: HIT
x-age: 370840
x-accel-date: 1691810821
content-length: 27066
x-amz-id-2: HOT8fwfOMZo4GimREtGtrY/h+xfUBpSCHiYwGP0wdL5NGrB5Rk2oaZ0FNjWhquYJjb3pEYBKfBQ=
x-77-nzt: AZySIYhnG/3/mKgFAA
x-accel-expires: @1692847621
last-modified: Tue, 24 Dec 2019 12:09:21 GMT
server: CDN77-Turbo
etag: "da2380c9ecd9b19f22d9e5986727b7aa"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc643c8e4637
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 s152037.jpg
st.turtella.ru/photos/760/ 31 KB
31 KB 99ms
98ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/760/s152037.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 30cd056ec0e2ce2af45b0bdd96f4898ac439cfbdadedc7131132509042ab4195

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: Q24EZFF1T8VCW956
x-cache: HIT
x-77-cache: HIT
x-age: 433728
x-accel-date: 1691747933
content-length: 31326
x-amz-id-2: aJthZQCHZ77e5uyFu3G0WterRGRFisLw705eUDp502VHw8p37/s7KnrjflC60nwOqhuevOfcCVY=
x-77-nzt: AZySIYhBbDT/QJ4GAA
x-accel-expires: @1692784733
last-modified: Tue, 17 Dec 2019 11:37:01 GMT
server: CDN77-Turbo
etag: "3bd175186b71cb1f8bfaf03246f26823"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc64b3963e38
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 s152000.jpg
st.turtella.ru/photos/760/ 14 KB
15 KB 99ms
99ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/760/s152000.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 11df8f44207ab94b1a63905e12997b4c34deff2f0f2649729dc878def420ff7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: TB1TFSXQVMM0P59E
x-cache: HIT
x-77-cache: HIT
x-age: 772761
x-accel-date: 1691408900
content-length: 14481
x-amz-id-2: rKs5HAlhT69DQzzliBoE3YHY7o3Hsx0mKcawq6q4BYhw2EvUZUAZ1IoXpgasGt+zSx8Y3y7iKyY=
x-77-nzt: AZySIYhbj3LvmcoLAA
x-accel-expires: @1692445700
last-modified: Fri, 30 Aug 2019 02:43:02 GMT
server: CDN77-Turbo
etag: "a90fdc3e329629581e25ed6ea00cea3c"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc6434065038
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 277ms
149ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e10decd94169d7d1f15e05bf8dacf4bdbf25589429a518923db6ece46285db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50984
x-xss-protection: 0
server: cafe
etag: 13342563292366995977
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:27:41 GMT

GET
H2 200 s100018.jpg
st.turtella.ru/photos/500/ 5 KB
5 KB 244ms
124ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/500/s100018.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f81a1fccf1bc9809048bb8bfdff0983cfbea477925fa72f8089e3499adf3451b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: HR469XDRJ13KSPD0
x-cache: HIT
x-77-cache: HIT
x-age: 15349
x-accel-date: 1692166312
content-length: 4861
x-amz-id-2: rZx3B0CfSpx81RULIQNqkGRvECM9W50YtwdaXhSd9K6zQDcPA8FCyfzH4tcGnfu9DkWagbSJ5jc=
x-77-nzt: AZySIYh9bD3/9TsAAA
x-accel-expires: @1693203112
last-modified: Sun, 01 Jan 2017 02:14:39 GMT
server: CDN77-Turbo
etag: "5a5631f0b0a22c6b98d85de9a9299efa"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc64406f7134
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 s132980.jpg
st.turtella.ru/photos/664/ 21 KB
21 KB 230ms
110ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/664/s132980.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2cf3ec10a36afbac4d9c01d8842db1dfea3cfcede2d1741a923c58f21ca9c383

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: KEFHEK6Z3P0B22MQ
x-cache: HIT
x-77-cache: HIT
x-age: 10819
x-accel-date: 1692170842
content-length: 21151
x-amz-id-2: W2PMPvxSx2szUkLz8eGgqJ+noGvd8jh1zXV0xHiy0nvJ1eNzR8d6X2MyPHY7uwLiCS5+OzeWCg0=
x-77-nzt: AZySIYh+hvz/QyoAAA
x-accel-expires: @1693207642
last-modified: Sun, 01 Jan 2017 03:00:07 GMT
server: CDN77-Turbo
etag: "a0e83847ae09d71a614696c5ffdd2086"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc64ebe75334
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 s110472.jpg
st.turtella.ru/photos/552/ 7 KB
7 KB 477ms
357ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/552/s110472.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f7d2f97b0ef2b5fca5c32fcf993ca078a0ef31e62ac495b4442256cc211aa388

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-nzt: AZySIYhiOemh
x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:42 GMT
last-modified: Sun, 01 Jan 2017 02:30:39 GMT
server: CDN77-Turbo
x-amz-request-id: 6ZYPD7KBN64G8YK1
etag: "c755a5f378305ded06f0cdbc63bd6586"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc644b216434
x-cache: MISS
content-type: image/jpeg
x-77-cache: MISS
accept-ranges: bytes
content-length: 6690
x-amz-id-2: zGxIzVCObxX/sWRGxj4Fqrtsc9WV9z0WXsmgGxeqreVKR+4OYotM7KlagarumQOqNsdE1efDK+I=

GET
H2 200 s84660.jpg
st.turtella.ru/photos/423/ 7 KB
8 KB 186ms
66ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/423/s84660.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f5ea6a27e2579110bc0b18f12828c5a0824e746a8e612948d644492be06d177c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: AW06AC8P83A7HTNT
x-cache: HIT
x-77-cache: HIT
x-age: 16698
x-accel-date: 1692164963
content-length: 7421
x-amz-id-2: 5/r7wNqbs/MbZ7oTaXGqvUi343aNbyqNF3Hz2B+4GHtPgODXDZl6gmY3URlfmsyRccgM74RrXm8=
x-77-nzt: AZySIYg4YQH/OkEAAA
x-accel-expires: @1693201763
last-modified: Sun, 01 Jan 2017 01:52:33 GMT
server: CDN77-Turbo
etag: "4fa4d4311588be261da2efb89beab919"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc64e5eb4434
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 s5537.jpg
st.turtella.ru/photos/27/ 5 KB
5 KB 530ms
410ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/27/s5537.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6cc3ebfb30c7f44ea17d0b8ff3aca5cb2e6710e62d0da7c5ecb35a65f6ae4802

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-nzt: AZySIYhaFxeh
x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:42 GMT
last-modified: Sun, 01 Jan 2017 01:15:26 GMT
server: CDN77-Turbo
x-amz-request-id: 6ZYK7GYGWG2V6E30
etag: "f05a8b1191ab40468d86bfe26286351b"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc641afc6d34
x-cache: MISS
content-type: image/jpeg
x-77-cache: MISS
accept-ranges: bytes
content-length: 5207
x-amz-id-2: VteI4Hsn3SHeJRw9Zx472+sts4dAlhbw7iahwdt+wcUQq3UbP2Xp9/imUz5NUUT3IR7fq61kYdk=

GET
H2 200 s129282.jpg
st.turtella.ru/photos/646/ 6 KB
7 KB 433ms
313ms Image
image/jpeg 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.turtella.ru/photos/646/s129282.jpg
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1c78bd552942864082516a0c2d16b7a0e4d7b0d924a35673702eea3175907f44

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-nzt: AZySIYhja2ih
x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:42 GMT
last-modified: Sun, 01 Jan 2017 02:56:20 GMT
server: CDN77-Turbo
x-amz-request-id: 6ZYP1D1SH5ECF6XV
etag: "0ece3ef6d0fe1c204391d8e7b0da2727"
x-77-nzt-ray: f6587a1d31fa1f9b9da4dc6498886b34
x-cache: MISS
content-type: image/jpeg
x-77-cache: MISS
accept-ranges: bytes
content-length: 6305
x-amz-id-2: 2YOdLuIqVlMJVP0/82zHyrn0RYgP8zHY6TQPaR/SJcUvT23TU6YCIXyo3iw69tuL8vWSZFTTm0E=

GET
H2 200 i.gif
core.turtella.ru/img/ 43 B
456 B 121ms
120ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/img/i.gif
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: 8YDREZGK0HE0ZEQQ
x-cache: HIT
x-77-cache: HIT
x-age: 1019978
x-accel-date: 1691161683
content-length: 43
x-amz-id-2: ZJshpDUksevAscOsIJEvT+BpMQ81AEGo98Oq1baGaGErZedMOw3tBpw4ce3VZ81Qx8pMgQRjokA=
x-77-nzt: AcO1rydfE/7/SpAPAA
x-accel-expires: @1692198483
last-modified: Sun, 08 Jan 2017 06:01:03 GMT
server: CDN77-Turbo
etag: "325472601571f31e1bf00674c368d335"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc64c80c2c2f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 closeBtn.gif
core.turtella.ru/img/ 111 B
527 B 122ms
120ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/img/closeBtn.gif
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 09c703fc6b74daf9ee9922485961462286899d0560f5528fea71c6467a3e47c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: 7DXY37EDD2P12MNP
x-cache: HIT
x-77-cache: HIT
x-age: 1017678
x-accel-date: 1691163983
content-length: 111
x-amz-id-2: jBgV/ssYEKOXFT4Q4/5vhuewTJRkcRF+SunpO4N6hqBM1UaPqI27tYjfVHPtISBIX6CrHOPoFq4=
x-77-nzt: AcO1rydyqqz/TocPAA
x-accel-expires: @1692200783
last-modified: Sun, 08 Jan 2017 06:01:02 GMT
server: CDN77-Turbo
etag: "55455893d7a850f94a7126ef67069111"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc6410672f2f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 472 KB
180 KB 166ms
52ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__ru.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd719bc66e94884a02c878a4ba4c963e313d6c2bcdfdc4e56ddc5fc51a49269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Origin: https://turtella.ru
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 16:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184166
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 16:15:32 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t57.6;r;s1600*1200*24;uhttps%3A//turtella.ru/main;0.8653468604884322
https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttps%3A//turtella.ru/main;0.8653468604884322

911 B
1 KB

91ms
91ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttps%3A//turtella.ru/main;0.8653468604884322

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

07af4360c2212cdb2437994bbb1cb31c63d0811357f21593893ecf0214c21f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 10:27:42 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 911
Expires: Mon, 15 Aug 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 10:27:41 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttps%3A//turtella.ru/main;0.8653468604884322
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 15 Aug 2022 21:00:00 GMT

GET
H2 200 count.php
click.topturizm.ru/ 696 B
1022 B 522ms
136ms Image
image/gif 95.182.108.142
DATA-CHEAP-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.topturizm.ru/count.php?0.7287972123202942&s=13538&im=10&r=&pg=https%3A//turtella.ru/main&c=Y&j=N&wh=1600x1200&px=24&js=1.3&
Requested by: Host: turtella.ru
URL: https://turtella.ru/main
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.182.108.142 Moscow, Russian Federation, ASN213220 (DATA-CHEAP-AS, RU),
Reverse DNS
Software: nginx/1.20.1 / PHP/5.6.40
Resource Hash: 9a0b6199ceb05d6ccf0f1bb2aacc69e2bb58b1b107ccba0c46900a7ad401bbb1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 16 Aug 2023 10:27:42 GMT
cache-control: no-cache
server: nginx/1.20.1
x-powered-by: PHP/5.6.40
p3p: policyref="http://click.topturizm.ru/w3c/p3p2.xml", CP="NON CURa ADMa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV INT"

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 168 KB
59 KB 377ms
187ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0c8b1f98b3af7160b780dfac0e91ab579d16130a518fb98d402efa1733894d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Aug 2023 13:02:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64d4b5d0-eb67"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 60263
expires: Wed, 16 Aug 2023 11:27:41 GMT

GET
H2 200 icon-login.gif
core.turtella.ru/i/ 1 KB
2 KB 115ms
114ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/i/icon-login.gif
Requested by: Host: core.turtella.ru
URL: https://core.turtella.ru/main.css?version=5.17.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 08a8e9d901d3eddf02820341236ce5331d3dc2c8fead2ef239724a7eee038b7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://core.turtella.ru/main.css?version=5.17.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: Z2D16NYSQG42ENZD
x-cache: HIT
x-77-cache: HIT
x-age: 1019245
x-accel-date: 1691162416
content-length: 1399
x-amz-id-2: stSHDW9UZ2urgxFA7tpdSrFFhGMWt7bUC3gcCIcAbDsRIB1UF0lk+cWvtky7t0GA8JE10lSilVo=
x-77-nzt: AcO1rycdbfn/bY0PAA
x-accel-expires: @1692199216
last-modified: Sun, 08 Jan 2017 06:00:54 GMT
server: CDN77-Turbo
etag: "7b0ad5c69a4ca1c882020549c19d9e3d"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc644cf5342f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 icon-registration.gif
core.turtella.ru/i/ 2 KB
2 KB 115ms
114ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/i/icon-registration.gif
Requested by: Host: core.turtella.ru
URL: https://core.turtella.ru/main.css?version=5.17.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b9d1b8d0b742dc4e5747f2cfc316bd01cdbcbf2cebbde1119fd862365110eca8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://core.turtella.ru/main.css?version=5.17.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: 2C5FWZJJRSWJY6T5
x-cache: HIT
x-77-cache: HIT
x-age: 682694
x-accel-date: 1691498967
content-length: 1594
x-amz-id-2: QrzG3oUHXPXB3EzUe1qXSI2LOJvktszonQlK8lLvAhdXpWra8kBnh48JGZ5ZgLUfKS6LPfZgkfI=
x-77-nzt: AcO1ryc1Tov/xmoKAA
x-accel-expires: @1692535767
last-modified: Sun, 08 Jan 2017 06:00:54 GMT
server: CDN77-Turbo
etag: "49bf2c5e79022802b579576e2ff54381"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc64b145392f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 mnu-sep.gif
core.turtella.ru/i/ 1 KB
1 KB 117ms
116ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/i/mnu-sep.gif
Requested by: Host: core.turtella.ru
URL: https://core.turtella.ru/main.css?version=5.17.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3d444842ec16475498126a2314ead7741fa00a53455e8d59800b5a70b340ade6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://core.turtella.ru/main.css?version=5.17.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: W4HD5ADQHNTWK5VT
x-cache: HIT
x-77-cache: HIT
x-age: 525675
x-accel-date: 1691655986
content-length: 1097
x-amz-id-2: kYnXCez1rQyfOxx9xFrlozHDNm4K9P9b3P7Lk/EvfvpOpfM0yzd/gn/J5vUIAp4bHU3X+IZ6Qrk=
x-77-nzt: AcO1ryecxof/awUIAA
x-accel-expires: @1692692786
last-modified: Sun, 08 Jan 2017 06:00:54 GMT
server: CDN77-Turbo
etag: "0314b45e606d5404db7db504d1ab2ce1"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc64f0143e2f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 lmnu.gif
core.turtella.ru/i/ 1 KB
1 KB 120ms
119ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/i/lmnu.gif
Requested by: Host: core.turtella.ru
URL: https://core.turtella.ru/main.css?version=5.17.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 181bc8da495ec8323917af345dc3995b4cdf16ca632f00c96ced42671f2ef476

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://core.turtella.ru/main.css?version=5.17.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: Z2D6KNGX9N6S8YXW
x-cache: HIT
x-77-cache: HIT
x-age: 1019245
x-accel-date: 1691162416
content-length: 1097
x-amz-id-2: R73HKKvG13fmsqxu5cSl3/bqYXnxp/TAkY2Qj16m9S6bS22f7dfotP8kDFQ7PH19P6D93SiSeLM=
x-77-nzt: AcO1ryc9JQz/bY0PAA
x-accel-expires: @1692199216
last-modified: Sun, 08 Jan 2017 06:00:54 GMT
server: CDN77-Turbo
etag: "f9054e95606b2745fd07ea46be2895c2"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc64f224422f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 ico_reply3.gif
core.turtella.ru/img/ 180 B
595 B 119ms
119ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/img/ico_reply3.gif
Requested by: Host: core.turtella.ru
URL: https://core.turtella.ru/main.css?version=5.17.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 199d921fa72f9628a6eba98583b3e9da3e9684319387161d845241ce3e7edda6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://core.turtella.ru/main.css?version=5.17.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: GF3BRGKXA4451THX
x-cache: HIT
x-77-cache: HIT
x-age: 276482
x-accel-date: 1691905179
content-length: 180
x-amz-id-2: aZzg37Y+cNteA612GZkVTwF+deMMnvO3iMQFQoCmJYxhxiyq6jLVO8dqTFAQFAgpu5/Ua0lwj3U=
x-77-nzt: AcO1ryeUQwz/AjgEAA
x-accel-expires: @1692941979
last-modified: Sun, 08 Jan 2017 06:01:03 GMT
server: CDN77-Turbo
etag: "e02a7ccf67a8e39c29e5872565f2c5c9"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc64e0f0452f
content-type: image/gif
accept-ranges: bytes

GET
H2 200 bot-line1.png
core.turtella.ru/img/ 651 B
1 KB 119ms
119ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/img/bot-line1.png
Requested by: Host: core.turtella.ru
URL: https://core.turtella.ru/main.css?version=5.17.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e7707b1c7479908cb3e5523a048c639ccf5ffa425fedb08f05371c40405cc88e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://core.turtella.ru/main.css?version=5.17.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: STHG3EHEP04Z6Z4V
x-cache: HIT
x-77-cache: HIT
x-age: 1018152
x-accel-date: 1691163509
content-length: 651
x-amz-id-2: G75GZU9saPQCxh7ZQ7bdHuCqejvmHMN1kzOhAaCnlaZFFIHu9sEoo7PZuRvYaY8Z0FOxWZFQTWs=
x-77-nzt: AcO1ryfswGL/KIkPAA
x-accel-expires: @1692200309
last-modified: Sun, 08 Jan 2017 06:01:02 GMT
server: CDN77-Turbo
etag: "de87d62d0ef12cfe110918b249308748"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc6495094d2f
content-type: image/png
accept-ranges: bytes

GET
H2 200 bot-line2.jpg
core.turtella.ru/img/ 1 KB
2 KB 119ms
119ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core.turtella.ru/img/bot-line2.jpg
Requested by: Host: core.turtella.ru
URL: https://core.turtella.ru/main.css?version=5.17.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2ae72651ea5c44a9f869e79692d53f42f2458d210580cd567e4b047af49c8cd6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://core.turtella.ru/main.css?version=5.17.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 10:27:41 GMT
x-amz-request-id: K01Z9SW564CJA7A2
x-cache: HIT
x-77-cache: HIT
x-age: 1017415
x-accel-date: 1691164246
content-length: 1230
x-amz-id-2: Xkm7o+XdUzHsZSQGFjflqNObU/fa9AIhOQmY9cDci+D1QVm+WQ9BDqDU+T//kFEhBockSGA7d3g=
x-77-nzt: AcO1ryfVrBP/R4YPAA
x-accel-expires: @1692201046
last-modified: Sun, 08 Jan 2017 06:01:02 GMT
server: CDN77-Turbo
etag: "653ebed906ef83ae65d723448f6693a4"
x-77-nzt-ray: 25b02131b2fdf7bd9da4dc64a221512f
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v35/ 26 KB
26 KB 245ms
129ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

600130a0fc244c82240330b3d0e4d9a592ca6523cf0509f16e3e1a3da0eebbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://turtella.ru
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 21:10:34 GMT
x-content-type-options: nosniff
age: 479827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26616
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Aug 2024 21:10:34 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 167ms
52ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://turtella.ru
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 437082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 09:02:59 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
242 B 183ms
64ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S4KFHKCKS8&gtm=45je3890&_p=99077064&cid=432699938.1692181662&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692181662&sct=1&seg=0&dl=https%3A%2F%2Fturtella.ru%2Fmain&dt=%D0%9E%D1%82%D0%B7%D1%8B%D0%B2%D1%8B%20%D0%BE%D0%B1%20%D0%BE%D1%82%D0%B5%D0%BB%D1%8F%D1%85%20%D0%B8%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D1%8B%20%D1%82%D1%83%D1%80%D0%B8%D1%81%D1%82%D0%BE%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S4KFHKCKS8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://turtella.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 369 KB
125 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2527231214147379&plah=turtella.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59d51c4dafdd0b3654b723f7057e6aa41dbbfaed91deb2ae74d0fe100619e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128227
x-xss-protection: 0
server: cafe
etag: 4356914331755481875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:27:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/ Frame E9CD 10 KB
5 KB 176ms
57ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 7213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 08:27:29 GMT
etag: 12368291122986407432
expires: Wed, 30 Aug 2023 08:27:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10097.d2mzlWA_F1dOP73twM-KTjBQfrLVAO-kROYF_kg1HPvJRfF6P1yTyRbYow2z1G9r.gtUCgwpL-GGXNwup9UuXiRpXT4o%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10097.miQqXWU_X9y5-ncWFu363O6LS9IGVax3YCcVPNKP8FBk9UH53TL5rb_YeYUNRNvC3wCmJlMYrfjLSDfzCBBcGkinJrpb34AtnYIYEnCc2H8%2C.2490lNcDu-9JTLMgPyzMzHpacqI%2C

43 B
67 B

94ms
94ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10097.miQqXWU_X9y5-ncWFu363O6LS9IGVax3YCcVPNKP8FBk9UH53TL5rb_YeYUNRNvC3wCmJlMYrfjLSDfzCBBcGkinJrpb34AtnYIYEnCc2H8%2C.2490lNcDu-9JTLMgPyzMzHpacqI%2C

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:42 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10097.miQqXWU_X9y5-ncWFu363O6LS9IGVax3YCcVPNKP8FBk9UH53TL5rb_YeYUNRNvC3wCmJlMYrfjLSDfzCBBcGkinJrpb34AtnYIYEnCc2H8%2C.2490lNcDu-9JTLMgPyzMzHpacqI%2C
date: Wed, 16 Aug 2023 10:27:42 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
162 B 94ms
94ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:42 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Aug 2023 13:02:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64d4b5d0-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 16 Aug 2023 11:27:42 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
601 B 178ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=turtella.ru&callback=_gfp_s_&client=ca-pub-2527231214147379

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2527231214147379&plah=turtella.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49d13c6769df34edd2d4bbdb21ebb61d2ee5e71a19acf670f3e7f6fb17fb37ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 578B 260 KB
66 KB 1099ms
1098ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&adk=264356386&adf=4279258763&lmt=1692178062&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fturtella.ru%2Fmain&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662081&bpp=3&bdt=816&idt=239&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8467847889206&frm=20&pv=2&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=261

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90e11a767d497fb26076ca2b083015392e504571def0105f891ad72277465e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 67222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:43 GMT
expires: Wed, 16 Aug 2023 10:27:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F827 144 KB
44 KB 684ms
683ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=280&slotname=3497672943&adk=286206994&adf=3413030609&pi=t.ma~as.3497672943&w=748&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=748x280&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662084&bpp=2&bdt=820&idt=263&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=371&ady=1688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GYs1I5CK7K&p=https%3A//turtella.ru&dtd=267

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

357bbc5a921f25891368c77d2f2ed3409dd3541d66cd3f85aaba3244fe2271e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44654
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:42 GMT
expires: Wed, 16 Aug 2023 10:27:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF98 119 KB
40 KB 740ms
739ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=280&slotname=2184591276&adk=1776695755&adf=4290593704&pi=t.ma~as.2184591276&w=748&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=748x280&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662086&bpp=1&bdt=821&idt=272&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=371&ady=3035&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=KL6Y46oDG8&p=https%3A//turtella.ru&dtd=276

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8841ef81d11ac1bd2bd88e82c6c0f3498d6af01da468e951f9dfe91bd30fdbae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40509
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:43 GMT
expires: Wed, 16 Aug 2023 10:27:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D57D 144 KB
44 KB 897ms
896ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=600&slotname=4810754619&adk=413430865&adf=162054646&pi=t.ma~as.4810754619&w=300&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=300x600&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662087&bpp=1&bdt=823&idt=279&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C748x280&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hU6tgqwqkb&p=https%3A//turtella.ru&dtd=282

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ddcb300d83645d999ae14b7f7dde7b2ddead30f4789e04cf590ceff61842bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44664
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:43 GMT
expires: Wed, 16 Aug 2023 10:27:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E05 95 KB
37 KB 595ms
595ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=600&slotname=6289888493&adk=1066094053&adf=3154994636&pi=t.ma~as.6289888493&w=300&lmt=1692178062&format=300x600&url=https%3A%2F%2Fturtella.ru%2Fmain&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662087&bpp=1&bdt=823&idt=288&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C748x280%2C300x600&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=1187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HL58TzO9FB&p=https%3A//turtella.ru&dtd=291

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

229c9fe56b5cdb3986dfa16ba43fcfbbb3d91f3bc581bfc23eeb70704c25fc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38035
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:42 GMT
expires: Wed, 16 Aug 2023 10:27:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CDBA 99 KB
37 KB 871ms
870ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=600&slotname=3170369883&adk=4089991135&adf=464485730&pi=t.ma~as.3170369883&w=300&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=300x600&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662087&bpp=1&bdt=823&idt=294&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C748x280%2C300x600%2C300x600&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aoDaJTy5pA&p=https%3A//turtella.ru&dtd=296

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99a88e84f330f657be3401cab3def53e808f31a7e4380fb1edb49ac033899663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37601
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:43 GMT
expires: Wed, 16 Aug 2023 10:27:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/81638/
Redirect Chain

https://mc.yandex.com/watch/81638?wmode=7&page-url=https%3A%2F%2Fturtella.ru%2Fmain&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afp%3A1013%3Afu%3A0%...
https://mc.yandex.com/watch/81638/1?wmode=7&page-url=https%3A%2F%2Fturtella.ru%2Fmain&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afp%3A1013%3Afu%3A...

435 B
769 B

95ms
94ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/81638/1?wmode=7&page-url=https%3A%2F%2Fturtella.ru%2Fmain&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afp%3A1013%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1651536629776%3Ahid%3A149605753%3Az%3A60%3Ai%3A20230816112742%3Aet%3A1692181662%3Ac%3A1%3Arn%3A759970487%3Arqn%3A1%3Au%3A1692181662736448193%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C221%2C9%2C310%2C0%2C%2C462%2C4%2C%2C%2C%2C1003%3Aco%3A0%3Acpf%3A1%3Ans%3A1692181660729%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692181663%3At%3A%D0%9E%D1%82%D0%B7%D1%8B%D0%B2%D1%8B%20%D0%BE%D0%B1%20%D0%BE%D1%82%D0%B5%D0%BB%D1%8F%D1%85%20%D0%B8%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D1%8B%20%D1%82%D1%83%D1%80%D0%B8%D1%81%D1%82%D0%BE%D0%B2&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

331955508346e7ab2c22279f9f6c63554d769b4b4899388a00fd83c62a82ff99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 16-Aug-2023 10:27:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://turtella.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Wed, 16-Aug-2023 10:27:42 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:42 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16-Aug-2023 10:27:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/81638/1?wmode=7&page-url=https%3A%2F%2Fturtella.ru%2Fmain&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afp%3A1013%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1651536629776%3Ahid%3A149605753%3Az%3A60%3Ai%3A20230816112742%3Aet%3A1692181662%3Ac%3A1%3Arn%3A759970487%3Arqn%3A1%3Au%3A1692181662736448193%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C221%2C9%2C310%2C0%2C%2C462%2C4%2C%2C%2C%2C1003%3Aco%3A0%3Acpf%3A1%3Ans%3A1692181660729%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692181663%3At%3A%D0%9E%D1%82%D0%B7%D1%8B%D0%B2%D1%8B%20%D0%BE%D0%B1%20%D0%BE%D1%82%D0%B5%D0%BB%D1%8F%D1%85%20%D0%B8%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D1%8B%20%D1%82%D1%83%D1%80%D0%B8%D1%81%D1%82%D0%BE%D0%B2&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: https://turtella.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 16-Aug-2023 10:27:42 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10097.vAR1aIDWohEx4OpXDCbeKTKESpjw02QyqMc6WnWyWYQTgQQAXRcemjgYxMdV5xGb.Y8_CsrZsT1dlduhYa13bpVGGZOM%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10097.wfsrXEsSKOn6hYMaSyX0zsIn_ugBpUrttUW4_elq0uKknXSA7lTThxx-e-9IOT3VOH-ZxwczjtUST8t4EmoPdlf4UFvxk4ObrWFvD-33F2k%2C.H1Ne2ZCfhJ43Ss8QX...

43 B
103 B

98ms
98ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10097.wfsrXEsSKOn6hYMaSyX0zsIn_ugBpUrttUW4_elq0uKknXSA7lTThxx-e-9IOT3VOH-ZxwczjtUST8t4EmoPdlf4UFvxk4ObrWFvD-33F2k%2C.H1Ne2ZCfhJ43Ss8QXDEfu5gORH8%2C

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10097.wfsrXEsSKOn6hYMaSyX0zsIn_ugBpUrttUW4_elq0uKknXSA7lTThxx-e-9IOT3VOH-ZxwczjtUST8t4EmoPdlf4UFvxk4ObrWFvD-33F2k%2C.H1Ne2ZCfhJ43Ss8QXDEfu5gORH8%2C
date: Wed, 16 Aug 2023 10:27:42 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 16734276296461825361
tpc.googlesyndication.com/simgad/ Frame 9E05 141 KB
142 KB 264ms
133ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16734276296461825361

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=600&slotname=6289888493&adk=1066094053&adf=3154994636&pi=t.ma~as.6289888493&w=300&lmt=1692178062&format=300x600&url=https%3A%2F%2Fturtella.ru%2Fmain&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662087&bpp=1&bdt=823&idt=288&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C748x280%2C300x600&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=1187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HL58TzO9FB&p=https%3A//turtella.ru&dtd=291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2201c81c29859521baf3250652e05a069603d8bc1fe4321f034ff148cf6faeea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:26:19 GMT
x-content-type-options: nosniff
age: 356484
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144662
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:46:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 07:26:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 9E05 23 KB
9 KB 229ms
106ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:31:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 245D 143 B
166 B 53ms
53ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=600&slotname=6289888493&adk=1066094053&adf=3154994636&pi=t.ma~as.6289888493&w=300&lmt=1692178062&format=300x600&url=https%3A%2F%2Fturtella.ru%2Fmain&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662087&bpp=1&bdt=823&idt=288&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C748x280%2C300x600&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=1187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HL58TzO9FB&p=https%3A//turtella.ru&dtd=291
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 9E05 3 KB
1 KB 348ms
227ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:34:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 9E05 20 KB
8 KB 175ms
54ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E05 180 KB
56 KB 277ms
158ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 9E05 35 KB
14 KB 233ms
114ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 15:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14283
x-xss-protection: 0
server: cafe
etag: 10830060499921058150
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 15:15:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F827 14 KB
1 KB 63ms
62ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=280&slotname=3497672943&adk=286206994&adf=3413030609&pi=t.ma~as.3497672943&w=748&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=748x280&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662084&bpp=2&bdt=820&idt=263&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=371&ady=1688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GYs1I5CK7K&p=https%3A//turtella.ru&dtd=267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 10:26:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame F827 2 KB
973 B 162ms
112ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:40:12 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 245D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

61ms
60ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:43 GMT
expires: Wed, 16 Aug 2023 10:27:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 data=Hajh2_zJ2fyClJ4Fjgiuprh4BDLjCU2shiRvrWneOCJIEp4kdfRn8TkGlRj-peUOpCa1W0O0TnguWEQ3Q1rAXV2lwek
mts0.google.com/vt/ Frame F827 69 KB
69 KB 732ms
479ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=Hajh2_zJ2fyClJ4Fjgiuprh4BDLjCU2shiRvrWneOCJIEp4kdfRn8TkGlRj-peUOpCa1W0O0TnguWEQ3Q1rAXV2lwek

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

647de6160ab57e21e8a9992fa818a83deb35d6438b93b3f09213fec0fe59eaa6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70649
x-xss-protection: 0
x-server-version-bin: CggIBBCp/+amBg==
server: scaffolding on HTTPServer2
etag: 0a0a5ee861f6dbcc
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Wed, 16 Aug 2023 11:27:43 GMT

GET
DATA 200
OK truncated
/ Frame F827 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F827 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F827 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F827 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame F827 23 KB
9 KB 259ms
223ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:31:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame F827 3 KB
1 KB 262ms
227ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:34:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame F827 20 KB
8 KB 96ms
61ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F827 180 KB
56 KB 236ms
202ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H3 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame F827 35 KB
15 KB 161ms
53ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EF98 14 KB
1 KB 62ms
61ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=280&slotname=2184591276&adk=1776695755&adf=4290593704&pi=t.ma~as.2184591276&w=748&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=748x280&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662086&bpp=1&bdt=821&idt=272&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=371&ady=3035&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=KL6Y46oDG8&p=https%3A//turtella.ru&dtd=276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 08:44:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame EF98 2 KB
926 B 233ms
226ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:40:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame EF98 23 KB
9 KB 224ms
220ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:31:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame EF98 3 KB
1 KB 134ms
130ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:34:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame EF98 20 KB
8 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF98 180 KB
57 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H3 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame EF98 35 KB
15 KB 131ms
55ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15342407667436315315/ Frame EF98 22 KB
22 KB 230ms
229ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15342407667436315315/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab8b8dcb5326544ecf90e1188dfe6a18726be43c7dd1ddfba51df5aa409672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:09:37 GMT
x-content-type-options: nosniff
age: 1086
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22110
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 10:10:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Aug 2024 10:09:37 GMT

GET
DATA 200
OK truncated
/ Frame EF98 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EF98 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F827 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 868d44b11ddb2733eacaabc491f4ed3d2937019e18a13fc26eca1114b3c1f9f4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9E05 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15c8acf7e9c1cef3cbe7a5905bb576f851c15ebc70cf0b3b0becab5e9dcb9e4c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EF98 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62e5a5b8246d41ae36ac998fe362e6b5675871a3cd9f2723380be113875181a4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame CDBA 2 KB
926 B 66ms
64ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=600&slotname=3170369883&adk=4089991135&adf=464485730&pi=t.ma~as.3170369883&w=300&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=300x600&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662087&bpp=1&bdt=823&idt=294&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C748x280%2C300x600%2C300x600&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aoDaJTy5pA&p=https%3A//turtella.ru&dtd=296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:40:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame CDBA 23 KB
9 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:31:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame CDBA 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:34:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame CDBA 20 KB
8 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDBA 180 KB
56 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H3 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame CDBA 35 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D57D 14 KB
1 KB 66ms
65ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2527231214147379&output=html&h=600&slotname=4810754619&adk=413430865&adf=162054646&pi=t.ma~as.4810754619&w=300&fwrn=4&fwrnh=100&lmt=1692178062&rafmt=1&format=300x600&url=https%3A%2F%2Fturtella.ru%2Fmain&fwr=0&fwrattr=true&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692181662087&bpp=1&bdt=823&idt=279&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x280%2C748x280&nras=1&correlator=8467847889206&frm=20&pv=1&ga_vid=432699938.1692181662&ga_sid=1692181662&ga_hid=99077064&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148&oid=2&pvsid=2996708598079933&tmod=821911690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hU6tgqwqkb&p=https%3A//turtella.ru&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 10:26:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame D57D 2 KB
926 B 59ms
59ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:40:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame D57D 23 KB
9 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:31:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame D57D 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:34:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame D57D 20 KB
8 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D57D 180 KB
56 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H3 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame D57D 35 KB
15 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9E05
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4UEmnqTcZK_0Gar2mLAPyfmT4APE7_urcvOj4Yj0EfuEycjoBRABIMSFqhtgu76ug9AKoAGoqpLHA8gBA6kCr3MxWeNMtT6oAwHIA8kEqgTGAU_QAKd1x8WYnyohMW7XEtUVNKF1tHyun_N...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223236974928637288041%22,%22debug_reporting%22:true,%22destination%22:%22https://bl.uk%22,%22event_report_window%22:%2225920...

0
0

197ms
87ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223236974928637288041%22,%22debug_reporting%22:true,%22destination%22:%22https://bl.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954504488%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210918649680503983329%22}&andc=true

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3236974928637288041","debug_reporting":true,"destination":"https://bl.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954504488"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"10918649680503983329"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 10:27:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 10:27:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3236974928637288041","debug_reporting":true,"destination":"https://bl.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954504488"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"10918649680503983329"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 data=pD7PZUHc-_OKCbFL8dJBqib448uI5U7UIg6KnJxy2YMGnopp9snzLYwAbhsCpNrGYDFco7DwkbhEW_sj2nhiNin5v-eG
mts0.google.com/vt/ Frame D57D 118 KB
118 KB 396ms
395ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=pD7PZUHc-_OKCbFL8dJBqib448uI5U7UIg6KnJxy2YMGnopp9snzLYwAbhsCpNrGYDFco7DwkbhEW_sj2nhiNin5v-eG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ce75b2bb7ecc96492c677e4a661e894da798085ad0bb95f753931d772a218615

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120635
x-xss-protection: 0
x-server-version-bin: CggIBBCp/+amBg==
server: scaffolding on HTTPServer2
etag: 0f76c218b78a9c14e
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Wed, 16 Aug 2023 11:27:43 GMT

GET
DATA 200
OK truncated
/ Frame D57D 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D57D 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D57D 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D57D 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 16628953005734007206
tpc.googlesyndication.com/daca_images/simgad/ Frame CDBA 38 KB
39 KB 143ms
142ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16628953005734007206?w=360&h=720

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e7bcccb8a85d63dec18d6bc0bba8f08027588a47b392655c894c23d93cbe66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39389
x-xss-protection: 0
last-modified: Sat, 22 Jul 2023 06:50:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Aug 2023 10:27:43 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EF98 33 KB
33 KB 53ms
52ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 365022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EF98
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CeI6-nqTcZOH0GIGz1wbIzIjwDMH03YJxtNa0kcwQ5-Le7fcKEAEgxIWqG2C7vq6D0AqgAbPpge8CyAEJqQIL3hSwklCyPqgDAcgDywSqBMgBT9BZEpPnLPaTTuDvVXYj9G0mvk0-M2qTT0d...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211117478486223357211%22,%22debug_reporting%22:true,%22destination%22:%22https://rewardcatering.ie%22,%22event_report_windo...

0
0

159ms
88ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211117478486223357211%22,%22debug_reporting%22:true,%22destination%22:%22https://rewardcatering.ie%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22769684659%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213224021392632377393%22}&andc=true

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11117478486223357211","debug_reporting":true,"destination":"https://rewardcatering.ie","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["769684659"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"13224021392632377393"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 10:27:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 10:27:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11117478486223357211","debug_reporting":true,"destination":"https://rewardcatering.ie","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["769684659"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"13224021392632377393"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F827 33 KB
33 KB 52ms
52ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 365022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F827 15 KB
15 KB 65ms
65ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 21:04:34 GMT
x-content-type-options: nosniff
age: 480189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15352
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:34:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Aug 2024 21:04:34 GMT

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame A92D 37 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 06:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 06:37:57 GMT

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A30 37 KB
14 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 06:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 06:37:57 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 219ms
86ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 10:27:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 154 KB
52 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ab0ab4405baf59c272291e67c27e3eee09cd30a3610ceb5231501c7dcab52ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53700
x-xss-protection: 0
server: cafe
etag: 3890196214879884414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
DATA 200
OK truncated
/ Frame D57D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f774dc8bfc568b22696aefd68aba99c1a129f846da3d68bb8fd4bfe8d62c1494

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 redir.html Show response
p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame CD7C 247 B
869 B 244ms
87ms Document
text/html 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

c3a40f30b34e7581520fba47d1e333aea7163b410bd4dede37b744f3651101d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-Vsr0oVfTun4OkYEW29WZCw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CDBA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C84FvnqTcZPKSGp7gmLAPq764sAnSkvb_cOzE2umiEKjrwpGVORABIMSFqhtgu76ug9AKoAHJkKzYAsgBAakCzZ7FXaVTsj6oAwHIA8sEqgTVAU_QMP5yD6PIEQQVE9-G5-cW3SsfZRLu_WY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211961798651616528139%22,%22debug_reporting%22:true,%22destination%22:%22https://ordit.co.uk%22,%22event_report_window%22:%...

0
0

153ms
88ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211961798651616528139%22,%22debug_reporting%22:true,%22destination%22:%22https://ordit.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22722143305%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217731209883952144385%22}&andc=true

Requested by

Protocol

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11961798651616528139","debug_reporting":true,"destination":"https://ordit.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["722143305"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"17731209883952144385"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 10:27:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 10:27:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11961798651616528139","debug_reporting":true,"destination":"https://ordit.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["722143305"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"17731209883952144385"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CDBA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76a1ec8f82d1a0cb1836d82d6b360c0c2bc2c994b6efa3b50b46ea26a0b95ef4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D57D 33 KB
33 KB 53ms
52ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 365022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D57D 15 KB
15 KB 53ms
53ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 21:04:34 GMT
x-content-type-options: nosniff
age: 480189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15352
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:34:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Aug 2024 21:04:34 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 86ms
86ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 10:27:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 87ms
86ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 10:27:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/ Frame 8DFB 10 KB
4 KB 52ms
52ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 71355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 14:38:28 GMT
etag: 12368291122986407432
expires: Tue, 29 Aug 2023 14:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/ Frame 41A1 10 KB
4 KB 53ms
52ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 71355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 14:38:28 GMT
etag: 12368291122986407432
expires: Tue, 29 Aug 2023 14:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 8DFB 4 KB
671 B 65ms
65ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 08:42:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame 8DFB 15 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 15:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68761
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6441
x-xss-protection: 0
server: cafe
etag: 14691725014340836395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 15:21:42 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame 8DFB 20 KB
8 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8576
x-xss-protection: 0
server: cafe
etag: 10593844011591499743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:54:33 GMT

GET
H3 200 4e9503689cc568474c146d9979c074f7.js Show response
www.gstatic.com/mysidia/ Frame 41A1 9 KB
4 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4e9503689cc568474c146d9979c074f7.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9ea77bdbdb2740b6029b3672b833edef7b592763a0ebbad204ef84c211a7c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3932
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 14:16:45 GMT

GET
H3 200 26d602273cbdc885b3acd5d1ed1b7ba0.js Show response
www.gstatic.com/mysidia/ Frame 41A1 11 KB
5 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/26d602273cbdc885b3acd5d1ed1b7ba0.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6350dce6469ed24caf9785f9f9d3279bbf0042d58cbe2721cec9137c9aca9d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4721
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 05:46:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 41A1 14 KB
1 KB 63ms
63ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 08:44:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 41A1 2 KB
892 B 66ms
65ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:40:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 41A1 23 KB
9 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:31:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 41A1 3 KB
1 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:34:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 41A1 20 KB
8 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41A1 180 KB
56 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H3 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame 41A1 35 KB
15 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
H2 200 iframe.html Show response
p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame CD7C 5 KB
2 KB 97ms
96ms Document
text/html 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

f9558493d7080e08ade572ca7a7a509826a463e897811be917052a54d80bdaa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-u51XyfjIStifewp-6Kb8Rw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6222368270543674702
tpc.googlesyndication.com/simgad/ Frame 41A1 2 KB
2 KB 108ms
108ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6222368270543674702?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a2808f2d0c9a4b6bd25885aa754c3702f3dfd9beb98524cd015b8066afc985c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2421
x-xss-protection: 0
last-modified: Wed, 27 Mar 2019 13:58:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Aug 2024 10:27:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 46A8 143 B
166 B 53ms
52ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 052A 23 KB
9 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:31:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 052A 8 KB
750 B 62ms
62ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 10:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 08:32:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 10:27:43 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 052A 15 KB
3 KB 195ms
53ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 19:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 19:19:43 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 052A 368 KB
128 KB 197ms
55ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 18:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 18:22:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 052A 20 KB
8 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:34 GMT

GET
DATA 200
OK truncated
/ Frame 41A1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46c219f1abf69c2da30818c80bcadcbe7044dc8dd0c5f073425a58a7f8989f3d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F827
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_OHgnqTcZJyXGKebmLAPx-KZ8A2r-M2_cKvly9_pEYCOoZXlGhABIMSFqhtgu76ug9AKoAHziIWcKMgBCakCRaVr-aRftT6oAwHIA8sEqgTVAU_QkwufWfi1ypId4sw9FFuZZInBCgOd9ZV...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225129725221918730124%22,%22debug_reporting%22:true,%22destination%22:%22https://f45training.co.uk%22,%22event_report_window...

0
0

87ms
86ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225129725221918730124%22,%22debug_reporting%22:true,%22destination%22:%22https://f45training.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210796221555%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227472588008838301985%22}&andc=true

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5129725221918730124","debug_reporting":true,"destination":"https://f45training.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10796221555"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"7472588008838301985"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 10:27:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 10:27:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5129725221918730124","debug_reporting":true,"destination":"https://f45training.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10796221555"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"7472588008838301985"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D57D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4Y6RnqTcZNbTGYXxmLAPy7qF0Ayr-M2_cKvly9_pEYCOoZXlGhABIMSFqhtgu76ug9AKoAHziIWcKMgBCakCRaVr-aRftT6oAwHIA8sEqgTVAU_QKDuvchnrkehgTJ7j1DTd2XSd_xiWzM6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225927021111611191034%22,%22debug_reporting%22:true,%22destination%22:%22https://f45training.co.uk%22,%22event_report_window...

0
0

88ms
87ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225927021111611191034%22,%22debug_reporting%22:true,%22destination%22:%22https://f45training.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210796221555%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227347501260230542897%22}&andc=true

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5927021111611191034","debug_reporting":true,"destination":"https://f45training.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10796221555"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"7347501260230542897"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 10:27:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 10:27:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5927021111611191034","debug_reporting":true,"destination":"https://f45training.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10796221555"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"7347501260230542897"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame CFE1 37 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 06:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 06:37:57 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 46A8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

64ms
64ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:44 GMT
expires: Wed, 16 Aug 2023 10:27:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame A0BD 37 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 06:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 06:37:57 GMT

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame DB27 37 KB
14 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 06:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 06:37:57 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 88ms
87ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 10:27:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 87ms
87ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 10:27:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 41A1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9onunqTcZNaYHIegi9YPhcuXyAyDwcDHccrjxeO4CPK8goHABRABIMSFqhtgu76ug9AKoAH6gP_5A8gBAakCZcwVCkBWtT6oAwHIA8sEqgTIAU_QGO1xsM-Q1v8ZejJho8HrofbGGDYm6Mx...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225426141839050149748%22,%22debug_reporting%22:true,%22destination%22:%22https://icelandprocruises.co.uk%22,%22event_report_...

0
0

87ms
87ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225426141839050149748%22,%22debug_reporting%22:true,%22destination%22:%22https://icelandprocruises.co.uk%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221061142650%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214658181432565768385%22}&andc=true

Requested by

Host: turtella.ru
URL: https://turtella.ru/main

Protocol

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5426141839050149748","debug_reporting":true,"destination":"https://icelandprocruises.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1061142650"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"14658181432565768385"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 10:27:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 10:27:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5426141839050149748","debug_reporting":true,"destination":"https://icelandprocruises.co.uk","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1061142650"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"14658181432565768385"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame A428 37 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 06:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 06:37:57 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 052A 0
234 B 863ms
300ms Ping
image/gif 2800:3f0:4004:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lldl9sle&c=4729383535157&slotId=2364691767578.5&qqid=CNXfi_f74IADFQfQwgQdheUFyQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4004:806::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 052A 0
20 B 157ms
156ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CRV1_nqTcZNWYHIegi9YPhcuXyAyXuN-zcci9n4erEZW06c_IAhABIMSFqhtgu76ug9AKyAEFqQIL3hSwklCyPqgDAcgDmwSqBOQBT9BN-3Mf97-8iKOfdjSsqpVQx5pM5SlQfX8mSKt9StsbvWEaAPlHrjZnSfyae068u-WaUfobI6ifpGBegWTeQExeLvmtSNoPmRBUhKzSJi8cKdoiBoQxinCT17EAXyYWU8UO4UtJoiVrpYAGOmVRJ6UOPXxeIkSQgSXjhBSjxHyhxBFmOdGnoUG1_khRX5DBhDouABUMWFTtTk34UPX0n7wJWfqtDgqSaVFia0FWeODzC1cIbBuSa4L-utD8SXIH8mcEtwtOzU1xBHmTKQ-gvN4RmdvzJtWxx36ujMLwxvd0dWCRwATX-9aBswTgBAOQBgGgBnaAB9iO674CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGqDQJHQsgNAbAT_M32E8gT08mn4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1692181664265&ai=CRV1_nqTcZNWYHIegi9YPhcuXyAyXuN-zcci9n4erEZW06c_IAhABIMSFqhtgu76ug9AKyAEFqQIL3hSwklCyPqgDAcgDmwSqBOQBT9BN-3Mf97-8iKOfdjSsqpVQx5pM5SlQfX8mSKt9StsbvWEaAPlHrjZnSfyae068u-WaUfobI6ifpGBegWTeQExeLvmtSNoPmRBUhKzSJi8cKdoiBoQxinCT17EAXyYWU8UO4UtJoiVrpYAGOmVRJ6UOPXxeIkSQgSXjhBSjxHyhxBFmOdGnoUG1_khRX5DBhDouABUMWFTtTk34UPX0n7wJWfqtDgqSaVFia0FWeODzC1cIbBuSa4L-utD8SXIH8mcEtwtOzU1xBHmTKQ-gvN4RmdvzJtWxx36ujMLwxvd0dWCRwATX-9aBswTgBAOQBgGgBnaAB9iO674CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGqDQJHQsgNAbAT_M32E8gT08mn4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 052A 0
54 B 861ms
305ms Ping
image/gif 2800:3f0:4004:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lldl9slm&c=4729383535157&slotId=2364691767578.5&qqid=CNXfi_f74IADFQfQwgQdheUFyQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1hk&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4004:806::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 052A 29 KB
17 KB 213ms
84ms XHR
text/xml 142.250.13.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CG-z5CtHeZDz1BScbJzUBrwotvzRD8kJzX63rvVtaPzVeTl6yLeTwYZ6ZssgDf_pFBXQ3QnCzD1P8iqVr_dyWw_aOziw&cry=1&dbm_d=AKAmf-BaE-ZLR3nZO1Fz3V11CoSh9zp24GvhFAmgPx9YccpqzOuP-Yi4CFqvSRXDe9hDOz4Bc75wWgCdUCGXUA4i3xbKRTJQg5D6Wz88bqs-mEEzY4sjQGrBADPjS4htcF5HNOaCQvIrfPuc6ZZCxmWei5lYiUlV7oN2z1KoApijPKV6_P8u_6602K_QKAwe9Oj_mirfxKE4wgPA6iFLMY9ikGUY22spRBJ8PHN6ZUdIc23Ku-y98UF9QEWymUVm2g_10ezzmWgPBmzIs1t6A3sWUxw3WQB6ADjbmEJDqauAyBDDNY7Z9wE65WycHUFv3ghsOXwFiVizmRFKmgePn9zJXYfx1NUXIRtADO1dps4ioc_ioZ1qKG59zfwgkcK41OlIh0gbKENqBZ0WVGNZFmAMq_LlgrN9QF29LW5cd46xalCQX_YloXqGbjVk6dt7TCcKc0IEZpR6O2hI_yY0vblJ9g5svcsmmIk783QE4awLttq2JIveUPbQfIzKpUnDxh_QeFeiNZaTKH63pBNs43h8G9j6FVmJ8nVQw2OEKQtDDhm-DUz-xyoeLB8_jd-9IzS4EXJqX-ZMoDsDtVKbb0LRDOMT5jmHu1M7VKBbFdcnA1LEdxBXI1JgWE6VeXTskPtLSpVzb0vlVI25xZOPvsgZ3WITL2ucU1tJqODg7AAEZPgjREa0CJtfQq2DoF6gdzdUxtpBcAMRA7AiQsHI2s9EIvnUzUhMIZFBHquAO85LI7tVsx19hxcaQVK4hxfdXThY_80zUsJhQ8yaG5h_ogEjnssMMoAgXYyYXgYn4GqpClgtC3Rd1u6F-PehW-BAMAyh8hpRuSKPrlAN8SKJtQ1OwelIQlBGO3c16WNdiqR8TjxvLREJEooO9Fkdsvr3X0wt2SKQZWHfPpLh8WLUBYqNLmNT9NPnTfl6IGv4PiTepgRGCzKnIcnVoFIUMl2zPBbNwYjMVdVVFjIX0QDrFGzAg8d7kkpBRcDBASPek1elXOzE8NzYvuxN3NLi3bcL5UlSQbbo_7SuXAEtBIeEioeb6ROLWd3RPVnIr2dOqe9szi1XdWHFdahvxBI7ZcFuATplI-SoAFA8FzuvfqlNQbFPC77hA9O25OIw_J8_qYIC7s7c578NWMmd1bgRBA932JAmRxETH4OAIT1IF9X84gUU9z4b2WtpLiqiF6Jc6NpzpMhHOcBqF6fgay2Q53-HUq6ouRxF89O5vvWGXxrXy6NTDxas5v2Qs2UoKIfvVVE6cupFYz4DGVi5SmVL9w4hM6NjwD4qbW1pFLqXh4h3RubP52w-JAweH4rFsJHc2iNhuZbDgnWNAOLwSSJj9UsQzAgmauZzvo1Lk2u7kZSCtABFP3uoVUIHM05ZLpHgAh2pxGBmyM3hiWfklAaG92G0fJD3CNHZFZMAH0_mtbEC2NOaY-AUzqvkKN_rMpYC2HVAGfZbx8nNIV_BSgI-RZ-UuZcUG8Y7Zhpf60Y1GaQJ4g8DkM8phjsHHXNIjQveUmKYUH4U3blE7c0xjPOV4KEjJEomAeYiXYPO8ZqlnuoT0M6uawrryBv1txrO6gww3F-cDK3_dHNXh4-w80Zh_JpfuHsWrQzjJcQOG5HN36sLoSLtDeSuu5iBBNATEl5Sa7r3kXKMO25IivNsg9yTnAKW1UAZGSIeLPCjN4g3Q9Q82AEo-jBJjODYWDFioDGo9ntMoG0L5bPV3-FKaD6GDUSZlmyH0nrM3E9p-iRYfj8wbokdPmy_mr5HbbofVPcuM3W1bKeuPGeXi6OVUKJpRz4VkGB4yzI1RxkmCVg1I-6ygutQH7AxTM5d8vyM5QVPEisb11M_crKVdxDgpuxDccll4q68JaHZ2MHz7wns6fwfx3ZGrpFyUVswAud4u3rUzj5TTML_HcXHJtY5-IBtOPF9Xwv-77_ipZ389_IdMId_zez8uRZMZruxxYxJilJDEQW18Qq1Qx3W68trqt9HXcT2OX8JhX5dn6ISlV_4eniwaOE8jlVe9yjh_BQNKOyWGMISF7WPz7UikH0_tlfrh8fLEgNw9yr_HPdy1M1YOGo5EI8mcV1eEAkaGtAnMK90irWrFdXQQEAdZzxweZJHds-7HBAT5m3lLPp2NBX3ftavtb2a8lAoIRF3fw1KU1gl3hE2RPnZIcejEbohGoX7IescQXZb29AVbgHo3IKF5jz6auGcD9ep-5H1TgRruT0M0mTDrzki-_cJFY2WLyNRj0fkYgEkGjKqfUPphbgg2GbxfmKQ0PDfubRABrYkQz4v2djtAYEjv_zlA-5q_OLk-5WVDiKOGFtRgV8p7g-ESmkLcvRNa4VwvNTXtmtYkXtmDn5x_ERMnPbfni6sYlaGJH8Y1edJ4UiWXpmUeNr_EQkPNU_i_ZdKz94501hcG9hYQ_CD-eeCN5p3PIPhRowlZ32juvK4wd4R6fcx5jdhfXyfwu57i0klTWU331-MiQeJz0-I14W7G8MwQ8BIvZiijR2wvrmH3dYZ3R5sTiR8_r9wtLfN7zk_32_ffyDu0qGrBFCH7JN7Ssop_QrDJPGn9OyUeIwDV1fxuBuMBisVN-idHSpS1U9e2vVtn9mD6BDns7q6QtxrWD-GLUEuZcqlz6LJ2x6JmhrHGzD-8L0WYXvfnarr--FiEryAh9ND5yaM4OYsjmizwJcRVchjV1jDTrYXue0n1OWyttM5yWvbHEssMjwgRMVrVEbSfm4cigoHBmycjjUonpmJVXbIzLUORdLUKcuG_9KY-lQFd4Wr8QcSRW4oMr_da48G5Zb5uwS0x8qKVZLDG8xjw0QESlIKUOozJj2Mt81BwxTcFMODHDE1V-wbSvsMyIbAYAcVEme3jxak3gW4qSSSwARSDgM64w0gkLkR84sHcnGttIBz0KIF1E3Yj-QIo7L7YoCr3SibxqRRoO3-XqLek1sjhbYHP4JaOOwZIIJ4z0CKICt8jpm8WteB1H4mI598CSq07T489wH_uP5yZrNt85iaswgA9T4_H1haVB51BEXs9gelTFcr1FWpSBC6SdkMsq4ZqVlqA_uJpakVfmVWSB4YIiPSZ-vsELREYgI6yLWNE3MKeWKTe1xVNMfuSiqVxUdopU8fqjt1lNmHSqc-W7E08ZjPMornGekJUPNlfCWN7IfHWjxyrSFONBczgsyLrKCPxLQvZlMBXv9WXCaP0jXlQApdgHL8rmuwg2TMJJbQny27g-yVYePl43a0uEUBWOSED-oQCOTgKayfB0ojxqcP35SToNXxKMSsNUTTsqPChidd1rSaWU24UEjpHpH3EdRsacPX9Sh8BrHQ_sCVuCFqv5nyCvsdCBQvSOe4pSOYhCegR4J43XC-3Z18kgZk4UyPDLrcxkJbI07zkwKgjEAyI0Wl-SPF2JIg2lOODXrMkwdf5yjMtsN8MndFzzIh41GdNBRBR7vhnXotCtKOO1llQeLtEborvy1CFDrIcHLKXFnLPV7ZnoYx5PuO6ZRbGwD3w8frxpT4irwz2CRljNaNXcWPViq2dhklZWKQwqB8yuiDFMf46rEqbBJj2H6n-xvlVf3LFhMKxOG_Mvg-5GLMdyOvtXmCGu6nJyZnSXHW0SBO5vg9okU-cBw2jZABqIKXXAxedKCaHBiWOx0vzo1RHt0lvlSVybEzSrskstLliFumRGZddeO5xm52YsahPAPjhvY2G4Jm-oW86v5M5jDzJqOfky3CrVzzfB34yIhBuwjKmYRYCqt8GCAVMf7dU33AxsTC34v36QjoWs03LhLcJOApH7LYgJrD7H9ba0Y3UkFL3ra5iNsBwAWJ2VsjvYvDiDMi0rx9Myn0-kreor8BoPzleRjMhLHcXxaCqpqzDhE3xuETeXAYxShzIBVfMQ&cid=CAQSGwBpAlJWK0uY9i2Xq2FM15UAoW9Dq-8ylXfFTRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f156.1e100.net

Software

cafe /

Resource Hash

6204fe6bc713bae3991f09e06c80277696152d2a5aa140234bab87d8f4eb9aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16607
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 87ms
87ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 10:27:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 210ms
102ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fab81dac13e3b158cae78a5597caee164430b1be343af54b61e13201cbc9b0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11798
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 052A 0
54 B 626ms
301ms Ping
image/gif 2800:3f0:4004:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lldl9slt&c=4729383535157&slotId=2364691767578.5&qqid=CNXfi_f74IADFQfQwgQdheUFyQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4004:806::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 052A 41 KB
15 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 06:25:34 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/fd2213d47f45cec6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723717664/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 052A
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/fd2213d47f45cec6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723717664/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/fd2213d47f45cec6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723717664/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

197ms
53ms

Fetch
video/mp4

2a00:1450:4001:11::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/fd2213d47f45cec6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723717664/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/363CC3E99BA079308FDE4D731629F4E6E632F565.786C8C44FF1E187D6CFC26B31D75C47D802102E7/key/cms1/cms_redirect/yes/mh/Nc/mip/2a01:4a0:2c::3/mm/42/mn/sn-4g5lznez/ms/onc/mt/1692181301/mv/u/mvi/1/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:11::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 10:27:44 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2224714
Last-Modified: Wed, 19 Jul 2023 10:00:23 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 16 Aug 2023 10:27:44 GMT

Redirect headers

date: Wed, 16 Aug 2023 10:27:44 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/fd2213d47f45cec6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723717664/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/363CC3E99BA079308FDE4D731629F4E6E632F565.786C8C44FF1E187D6CFC26B31D75C47D802102E7/key/cms1/cms_redirect/yes/mh/Nc/mip/2a01:4a0:2c::3/mm/42/mn/sn-4g5lznez/ms/onc/mt/1692181301/mv/u/mvi/1/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4BB0 23 KB
8 KB 54ms
53ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 106337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 04:55:27 GMT
expires: Wed, 14 Aug 2024 04:55:27 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BB0 38 KB
15 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 08:36:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 10:27:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E4B 13 KB
5 KB 53ms
52ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:42:33 GMT
expires: Thu, 15 Aug 2024 09:42:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4BFA 831 B
557 B 63ms
63ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b10eb5c383184867434c94666ac09e42bc569dc821829ccc4e8e3c2b9d0572b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VKXCf3i4EWXmgnXLWj0AzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://turtella.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-VKXCf3i4EWXmgnXLWj0AzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 10:27:44 GMT
expires: Wed, 16 Aug 2023 10:27:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4BFA 0
0 151ms
151ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=2996708598079933&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E4B 37 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 06:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 06:37:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BB0 0
20 B 156ms
155ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bzo5HoKTcZM2GG6SZkdUP66u_wAkAAAAAOAHgBAI&bg=!WVqlWg7NAAaiGN5Pghg7ADkAdvg8WibbP3sB4zbISgIDLnEggMKXYpWLXJxOpHCyi9AbRyXgtxT7DPkng3z0Xu_m1JlEm_qv_0ICAAAAWlIAAAAFaAEHmQMSqzsPeBpFEw-OLVfoGMPHrm054R3r7mPvQhOXQqsTIOoUWSuEfUE81B8XC-iYqAxM7AmbC89D_qP-7P2Vmpv2xWnT014BaSdqbamx7Yv11RtZyBehLLaNVEIOIxzVvABo215F0kRytoklnarJ-xvdgFTbxEXxfNcbQNJ78CfBjpKGWfOZF4RKgbT-nI1N5KTdnUE9ZyI4YhgYFDlaQbgY6VmyciND65YQjz_DRioGxwd1H-WxezBuGfOjfLnCQpzjPMm0cFfscH5VNhzal40rzheOf4bB_ATdqsCR-K_At1ermhwREyisCuyCbmSCW-UW9v5PdybP6tKWdobTtKkhmnrFTr0U3FRh9vUb8nEc_UYNa4T72-ks7CTxlYZ9MR7vAVJcxOVB8Vlji7e7qG46wlJP2j_yBx3dFo9PchbeTB6QlMz5vIynvIG5id-zV6Z-rzOk2t28ln3JYDXoRWURIkhIKYVXjZk0FITErk-HQx1uf4lZMu6oxlSlg-Hw3sZD7X6BmiLhhTdB35FqiXpMFY8y6nszCcQ5HQ1x_kBt8IxIIc4RJhAsqt_BJ3DGZrFjP1cTuOPDR-7gadAsJORVpuE7Lcv9V0OACQ5CBYVM3HWGJSmx8K8-1n78wz0Ebh4Hwt07mDPgR9aCL-c6RIBbSf2iOiXghDVP4ez1aFNQaNXnmqPf4dVYxbttMvTQ8BqUe6SyQp9zk2PY7QrM4qK_MlUfVjHNE9R9Kc8fpgHlKMcLqwW0r9KqQ08a_YtvuJFQ6JyZ0FtAqs1P5OtlWKYG3l2odHchlyXzs9ZZbU_1lwQrNUDzcg1B22p4GpR9YTb0OHxidauY9TLwwpfJdngdw59TH6dxs1E4HjLbp1Sl-MNPXLmglpeMBBMRy2Obf5DNEShoHKTeL_dZBDxChWnjyc074cNeILID7Lh8m9awqCCbcK--n_t5FYSRteRt3SCi6_zjNhp3fZ3PZxeF24NNeCexIU9izf3ZqL-fbLOYZ6NAHU9AvBnSPfTesE9OFuT_2oJoMrmbexGu4w4VQKj9-JA7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r1---sn-4g5lznez.c.2mdn.net/videoplayback/id/fd2213d47f45cec6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723717664/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 052A 2 MB
2 MB 107ms
53ms Media
video/mp4 2a00:1450:4001:11::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9fa6591f56e092c972caf9354ca941aa259832e6df06a9df434d95dceb88ca91

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 16 Aug 2023 10:27:45 GMT
date: Wed, 16 Aug 2023 10:27:45 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2224713/2224714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2224714
last-modified: Wed, 19 Jul 2023 10:00:23 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5E4B 0
10 B 52ms
52ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8YrAbw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:27:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D57D 42 B
64 B 158ms
157ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwTXX3F0iNw3xQU-F_A6je2TY0dlGNRXwI-7PmBdOumCXsuETciD_o7GjDSkPE-dbjP2iGS5yBZOlaXRAcxCZE_awWEEBLyH_RVL3j29GmVfrXGGUFtQOPTHw8uAfWYHGERSd804ezCfqA&sai=AMfl-YSb5CNDofA9OYHchlVjfhrz7lJDFmsZkXp8k1e44NGT3jMHMc7SSNUZWOt04_qSM5SOT8YJEAmgrl5y&sig=Cg0ArKJSzKOlslHHoJtvEAE&cid=CAQSGwBpAlJWetw9AOJMuTprcaIJRtCzuyALAliCNxgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=413430865&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692181662370&rpt=1633&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 41A1 42 B
64 B 157ms
156ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKbX3r6hEPVojQIoKcFldb8eFrrhnVIzBeeKej6_ilwBParxT6dw1iwi8cULSgGdyvwarMpFHISIGKaa1crXb2YZku1nrlfktd0PkyCDY9I7kVncC8BBkoyDv_EyYZaBRwgK6SDKNeQwAv&sai=AMfl-YTrkr8Oi1ODDeFDOMKTFSlEcxflkXPLokXDJ_UfH2JfaxojbzqfvGFVfTvGIBWDPEMTfvgvzd0KekJ-&sig=Cg0ArKJSzNwqtw788Sf4EAE&cid=CAQSGwBpAlJWK0uY9i2Xq2FM15UAoW9Dq-8ylXfFTRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=167,851,1000,1000,1000&tos=167,684,149,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=264356381&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692181663745&rpt=480&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 158ms
157ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=2996708598079933&bg=!BAelB1PNAAaiGN5Pghg7ADkAdvg8WoagOb6ItYt66IJd3GK9wDK4xsgW5I5t9hiamBOcHKG5X21GDJVLxYk-vj6nzp84qexQ1XICAAAAQlIAAAAGaAEHmQK72y9ZZHgLNXT7hCyIB1iYS7VM7x_DrFVgq9Yy3l0Tyuo9ddXMIO4epXR4cQGu6r7qn1KD_8m3ubZCIpJ17z9QOASIhEwbBo9dUinS3ntE16BU6lVomZmWs7IJeDXyBEYIk81sULqIlmPDtGKT6mF9QNpltVMQNi2xZnm0gfqi409jin3FpIugJOlMsiBB7MpgZgrNUVlRHoal9yMFM1-egODajsfA8IZxG0C0bllwGy0DagDXKbZHSCVdYgHEKsfftQyBsFmabBxrxY4M25n_lT8VM0acNrfAHSo5lAaDEo5mnTryK1kmJ4cjiZv-XbAV3OSV2G51wHrTUiHJXu3AJaYY31JPACuehUqgH9rBzIlda6VCePUv2wlROhqKqhXWo8_BVpf4t4A_X3Ou_Go1Jk5r2ZfH9d0tiwQu-Wnf7II8KuOhH0wTtdOWnIYOoJeu1vQdn9Nx3UTkk4iJoCy6amg10pAWIphY_wh4i2aq9E3Tcd_9jElvhzpGcqTdM1kvDv5qSUsL_cWINafz_ntvlvyWxlIk4xvLCXUvS-a6kiH4ryCOKJOBj0SXX7ssgr9IlzjWbTr2MPxZ5Se6v_6eJfgoPTVcMdUNcTD21k3s4c9OtCRAQiWnbG2fpTCZH7aODmUBT4FzuZBBgBz1nAAZxzfto_BBmlQA7IpRjuPKZvj_xDxNAQ-SAnQikJ38zAhnoddKJtXVanGL4Q_3jmjRKZ3BLfZxMQx_4Ww9D24syCfEI-b7Bomd0jzn-c-9NxFL6AvNN1ZHbMm3Nh8OF3Y603tA8MPVFfjfLZ2yVFaQOIH2xvpZ4AOlxWluFNo-LlsAQTDiDiJnjek9FzDuWqEfIc1jXhUFiW6E1bAS5-T3rmymtUb5idTFZjPpHGSh-P5W-Zfg4nTVi6TcyGkOoEea-wNYxAo6aXOQy0rl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://turtella.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 052A 0
54 B 309ms
309ms Ping
image/gif 2800:3f0:4004:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lldl9ss8&c=4729383535157&slotId=2364691767578.5&qqid=CNXfi_f74IADFQfQwgQdheUFyQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=987&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1o4~vil.26a~vfl.2d3&ua_e=1&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4004:806::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 10:27:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
turtella.ru/	1969-12-31 23:59:59	Name: JSESSIONID Value: E868BD3CAF87DB4EB6E625C9CCB3400F
turtella.ru/	1969-12-31 23:59:59	Name: netlog Value: 1
.turtella.ru/	1970-01-20 23:39:01	Name: _ga_S4KFHKCKS8 Value: GS1.1.1692181662.1.0.1692181662.0.0.0
.turtella.ru/	1970-01-20 23:39:01	Name: _ga Value: GA1.1.432699938.1692181662
.yadro.ru/	1970-01-20 22:47:49	Name: FTID Value: 1atAIT0enH8c1atAIT0037Ez
.yadro.ru/	1970-01-20 22:47:49	Name: VID Value: 3g-LHS2aL3Oc1atAIU0037Fv
.mc.yandex.com/	1970-01-20 14:03:02	Name: sync_cookie_csrf Value: 2247876163fake
.mc.yandex.ru/	1970-01-20 14:03:02	Name: sync_cookie_csrf Value: 3354209336fake
.turtella.ru/	1970-01-20 23:24:37	Name: __gads Value: ID=20b8730466659276-226d151051de0046:T=1692181662:RT=1692181662:S=ALNI_MYIKKpjo1heRQKnb1q0P2jiRE8LbQ
.turtella.ru/	1970-01-20 23:24:37	Name: __gpi Value: UID=00000c60cc969f80:T=1692181662:RT=1692181662:S=ALNI_Mb7JZjzCMA6Uqin0FqIOeTXpoXLNQ
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 340070411692181662
.yandex.com/	1970-01-20 23:39:01	Name: i Value: sy1ejIKEMa7z9TffmNF0XL6s+49NtcWq52MLT6yA5ztOLpUecawlO1gzN01ZJ9WZ9kCHwDtteoleknloB4MJ/9lxrO0=
.yandex.com/	1970-01-20 23:39:01	Name: yandexuid Value: 9482317901692181662
.yandex.com/	1970-01-20 22:48:37	Name: yuidss Value: 9482317901692181662
.yandex.com/	1970-01-20 22:48:37	Name: ymex Value: 1723717662.yrts.1692181662#1723717662.yrtsi.1692181662
.yandex.com/	1970-01-20 22:48:37	Name: bh Value: KgI/MA==
.doubleclick.net/	1970-01-20 14:03:05	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:24:37	Name: IDE Value: AHWqTUkaJhyTC3sL9cZujrUetmhGiF6plMoBqLvDx9z1EoIqRZCy8Yzf8hc7t1e__KA
.googleadservices.com/	1970-01-20 16:12:37	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 18:22:13	Name: APC Value: AfxxVi73tGzFgmW3brr80u7Pvr93CdfnCh36YkyOFeaPLZoubI_z4A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bid.g.doubleclick.net
click.topturizm.ru
core.turtella.ru
counter.yadro.ru
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
mc.yandex.com
mc.yandex.ru
mts0.google.com
p4-es4rj2otgqypk-v5ho6umckxtcya5d-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
r1---sn-4g5lznez.c.2mdn.net
region1.google-analytics.com
st.turtella.ru
tpc.googlesyndication.com
turtella.ru
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.13.156
142.250.186.66
172.217.18.99
2001:4860:4802:34::36
2800:3f0:4004:806::2003
2a00:1450:4001:11::6
2a00:1450:4001:801::2008
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a02:6b8::1:119
2a02:6ea0:c700::11
2a02:6ea0:c700::17
34.120.78.78
88.212.202.52
95.182.108.142
01bb42da92b50ab72f164ecd06dfdd2dbcae13a71cab5b2686775e74684f57ea
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
07af4360c2212cdb2437994bbb1cb31c63d0811357f21593893ecf0214c21f07
08a8e9d901d3eddf02820341236ce5331d3dc2c8fead2ef239724a7eee038b7b
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
09c703fc6b74daf9ee9922485961462286899d0560f5528fea71c6467a3e47c2
0c8b1f98b3af7160b780dfac0e91ab579d16130a518fb98d402efa1733894d58
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
10bb30e8ef3123dd33350652f4863a093fda2b702485a8df6bab4ff1342c42fc
11df8f44207ab94b1a63905e12997b4c34deff2f0f2649729dc878def420ff7b
15c8acf7e9c1cef3cbe7a5905bb576f851c15ebc70cf0b3b0becab5e9dcb9e4c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
181bc8da495ec8323917af345dc3995b4cdf16ca632f00c96ced42671f2ef476
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
199d921fa72f9628a6eba98583b3e9da3e9684319387161d845241ce3e7edda6
1c78bd552942864082516a0c2d16b7a0e4d7b0d924a35673702eea3175907f44
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e7bcccb8a85d63dec18d6bc0bba8f08027588a47b392655c894c23d93cbe66f
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2201c81c29859521baf3250652e05a069603d8bc1fe4321f034ff148cf6faeea
229c9fe56b5cdb3986dfa16ba43fcfbbb3d91f3bc581bfc23eeb70704c25fc4a
22deba5695aed3c3cf5cbe9d704037399d26cdbebc35ef9398be378e93d67ac1
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8
2ae72651ea5c44a9f869e79692d53f42f2458d210580cd567e4b047af49c8cd6
2cf3ec10a36afbac4d9c01d8842db1dfea3cfcede2d1741a923c58f21ca9c383
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dba53c45f5fb78811bd27bc86846a6646758adf3ab6d15f20bb746768640a13
30cd056ec0e2ce2af45b0bdd96f4898ac439cfbdadedc7131132509042ab4195
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
331955508346e7ab2c22279f9f6c63554d769b4b4899388a00fd83c62a82ff99
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
357bbc5a921f25891368c77d2f2ed3409dd3541d66cd3f85aaba3244fe2271e1
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b6815257ca6d70623322a49c33b5da9fad28eb223ad5a13ae9a8cc6cedb2616
3d444842ec16475498126a2314ead7741fa00a53455e8d59800b5a70b340ade6
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc
46c219f1abf69c2da30818c80bcadcbe7044dc8dd0c5f073425a58a7f8989f3d
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49d13c6769df34edd2d4bbdb21ebb61d2ee5e71a19acf670f3e7f6fb17fb37ba
4e10decd94169d7d1f15e05bf8dacf4bdbf25589429a518923db6ece46285db4
528885843a33c978d355be55c1d57337f34858ffb8fb6eecb7455d6c9d891113
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b
59d51c4dafdd0b3654b723f7057e6aa41dbbfaed91deb2ae74d0fe100619e2e5
5a2808f2d0c9a4b6bd25885aa754c3702f3dfd9beb98524cd015b8066afc985c
600130a0fc244c82240330b3d0e4d9a592ca6523cf0509f16e3e1a3da0eebbab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6204fe6bc713bae3991f09e06c80277696152d2a5aa140234bab87d8f4eb9aa4
62e5a5b8246d41ae36ac998fe362e6b5675871a3cd9f2723380be113875181a4
6350dce6469ed24caf9785f9f9d3279bbf0042d58cbe2721cec9137c9aca9d06
647de6160ab57e21e8a9992fa818a83deb35d6438b93b3f09213fec0fe59eaa6
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
66f1675b6efb26674cac8eee607be514b08589684826d14d75048a5971a7419d
676318e1e48715cf21def311c8dc349ee2252ff47a7752bbd9287ef7ce7df416
6a573ed2d823eaa7761f76f04d52b8c3eb0d1e73d76a2d71c5b5a8479c4e1796
6cc3ebfb30c7f44ea17d0b8ff3aca5cb2e6710e62d0da7c5ecb35a65f6ae4802
6dd719bc66e94884a02c878a4ba4c963e313d6c2bcdfdc4e56ddc5fc51a49269
75eaf9775a697a655efb57549fb1cb14a1b9752e266bc177e89b5e612a1a2f4d
76a1ec8f82d1a0cb1836d82d6b360c0c2bc2c994b6efa3b50b46ea26a0b95ef4
7ab0ab4405baf59c272291e67c27e3eee09cd30a3610ceb5231501c7dcab52ad
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
868d44b11ddb2733eacaabc491f4ed3d2937019e18a13fc26eca1114b3c1f9f4
8841ef81d11ac1bd2bd88e82c6c0f3498d6af01da468e951f9dfe91bd30fdbae
8d9e06db9e393c1eaf5c4c45ba1cf40bc1d99529cbc0fffed00e36dab91aaa49
8ddcb300d83645d999ae14b7f7dde7b2ddead30f4789e04cf590ceff61842bf6
90e11a767d497fb26076ca2b083015392e504571def0105f891ad72277465e29
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99a88e84f330f657be3401cab3def53e808f31a7e4380fb1edb49ac033899663
9a0b6199ceb05d6ccf0f1bb2aacc69e2bb58b1b107ccba0c46900a7ad401bbb1
9fa6591f56e092c972caf9354ca941aa259832e6df06a9df434d95dceb88ca91
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a7ea96fa00a214a9b931bc7c6d21f1ffd82002485b74712198a62c23f4833dfe
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b10eb5c383184867434c94666ac09e42bc569dc821829ccc4e8e3c2b9d0572b5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ab8b8dcb5326544ecf90e1188dfe6a18726be43c7dd1ddfba51df5aa409672
b99644c38763a03badb9641e2aa275d58fb0e9e686b93e8a11afd26196b744e3
b9d1b8d0b742dc4e5747f2cfc316bd01cdbcbf2cebbde1119fd862365110eca8
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be60d08e8109d66ecce232e07b378bad8ee4fe22b83e03a4d2d062ead7886dc1
bfd9a264b48c9eb3119aebbf4b472151e8e109bc50ab2645adaac765177a0ada
c1199b7078cf98e8ba10c17f6c5bb80bfea88238220deb9610dfa30515020c57
c3a40f30b34e7581520fba47d1e333aea7163b410bd4dede37b744f3651101d7
c4ff1b46d7ada0cbbb80e9bee8633c61b380bb2f46c9979fcc8b19df78ae33d5
c627bfabf9b6d0e559a01747c1f95e5ce420d3fed0ece1589cff320e364589c9
cbc50bb55ec251fad1a7c080d283608ece8685cee12527e2469c29eea733c4ef
ce75b2bb7ecc96492c677e4a661e894da798085ad0bb95f753931d772a218615
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
df4997605d5a23101bb83f31410df0d671df9427ff2a34a7ce394e724cf2be7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7707b1c7479908cb3e5523a048c639ccf5ffa425fedb08f05371c40405cc88e
e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193
e9ea77bdbdb2740b6029b3672b833edef7b592763a0ebbad204ef84c211a7c84
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0db486317b3e43f2bf794b1fa79d3ea3eeab6bfd84ec09a24d3aa6023119898
f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1
f5ea6a27e2579110bc0b18f12828c5a0824e746a8e612948d644492be06d177c
f774dc8bfc568b22696aefd68aba99c1a129f846da3d68bb8fd4bfe8d62c1494
f7d2f97b0ef2b5fca5c32fcf993ca078a0ef31e62ac495b4442256cc211aa388
f81a1fccf1bc9809048bb8bfdff0983cfbea477925fa72f8089e3499adf3451b
f9558493d7080e08ade572ca7a7a509826a463e897811be917052a54d80bdaa0
fab81dac13e3b158cae78a5597caee164430b1be343af54b61e13201cbc9b0bb
fcae7eaed7f9674501a9b35fa826141d1a5075fd107af2a5a9830a9c6fd877a7
fecd47dfc64dc422f69ce70511078c0735bad30736ef25bc6dc1bb1c3f5029bd

turtella.ru Open in urlscan Pro 34.120.78.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

94 %HTTPS

77 %IPv6

15 Domains

27 Subdomains

26 IPs

4 Countries

4866 kBTransfer

8238 kBSize

20 Cookies

8 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

turtella.ru Open in urlscan Pro
34.120.78.78 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

94 %
HTTPS

77 %
IPv6

15
Domains

27
Subdomains

26
IPs

4
Countries

4866 kB
Transfer

8238 kB
Size

20
Cookies

171 HTTP transactions
16 data transactions