urlscan.io logo urlscan.io
SecurityTrails logo

176.9.92.137 Open in urlscan Pro
176.9.92.137  Public Scan

Go To Rescan Add Verdict Report
URL: http://176.9.92.137/
Submission: On July 21 via api from TW
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 10 countries across 27 domains to perform 170 HTTP transactions. The main IP is 176.9.92.137, located in Germany and belongs to HETZNER-AS, DE. The main domain is 176.9.92.137.
This is the only time 176.9.92.137 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 176.9.92.137 24940 (HETZNER-AS)
47 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a02:2638:1::3 44788 (ASN-CRITE...)
10 185.7.176.223 42910 (PREMIERDC...)
2 2a00:1450:400... 15169 (GOOGLE)
8 31.3.2.119 21245 (NETSA-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.35.254.115 16509 (AMAZON-02)
2 192.0.77.48 2635 (AUTOMATTIC)
12 216.58.208.34 15169 (GOOGLE)
2 92.122.252.114 16625 (AKAMAI-AS)
18 185.7.176.221 42910 (PREMIERDC...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a02:2638:1::13 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
1 2600:9000:214... 16509 (AMAZON-02)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2600:9000:214... 16509 (AMAZON-02)
2 178.250.2.131 44788 (ASN-CRITE...)
1 216.52.2.48 29791 (VOXEL-DOT...)
1 52.58.146.181 16509 (AMAZON-02)
3 213.19.162.31 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2 54.154.174.199 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 37.157.6.246 198622 (ADFORM)
1 213.19.162.67 26667 (RUBICONPR...)
3 37.157.6.234 198622 (ADFORM)
1 2 172.217.21.198 15169 (GOOGLE)
2 104.111.230.142 16625 (AKAMAI-AS)
1 2 52.211.146.59 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f11... 32934 (FACEBOOK)
170 40
1    176.9.92.137 (Germany)

ASN24940 (HETZNER-AS, DE)
176.9.92.137
47    2606:4700:10::6814:e66f (United States)

ASN13335 (CLOUDFLARENET, US)
c.nefisyemektarifleri.com
i.nefisyemektarifleri.com
3    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
10    185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng2.virgul.com
2    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    31.3.2.119 (Turkey)

ASN21245 (NETSA-AS, TR)
mn.nytcdn.com
4    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3032::ac43:c1c0 (United States)

ASN13335 (CLOUDFLARENET, US)
static.nefisyemektarifleri.net
3    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.35.254.115 (Seattle, United States)

ASN16509 (AMAZON-02, US)
tags.crwdcntrl.net
2    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
s.w.org
12    216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    92.122.252.114 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
ads.pubmatic.com
18    185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
ng.virgul.com
9    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
www.googletagservices.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2600:9000:214f:7000:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.agkn.com
2    2606:4700:e2::ac40:8620 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2600:9000:214f:9c00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    52.58.146.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prebid-server.rubiconproject.com
3    213.19.162.31 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    54.154.174.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
samsungturkey.demdex.net
1    2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5108c0169a02a2d0abaed8431efbdce9.safeframe.googlesyndication.com
8    2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    213.19.162.67 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
beacon-eu-ams3.rubiconproject.com
3    37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    172.217.21.198 (United States)

ASN15169 (GOOGLE, US)
ad.doubleclick.net
2    104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
eus.rubiconproject.com
2    52.211.146.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
47 nefisyemektarifleri.com
c.nefisyemektarifleri.com
i.nefisyemektarifleri.com
711 KB
28 virgul.com
static.virgul.com
ng.virgul.com
ng2.virgul.com
150 KB
15 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
125 KB
14 googlesyndication.com
pagead2.googlesyndication.com
5108c0169a02a2d0abaed8431efbdce9.safeframe.googlesyndication.com
tpc.googlesyndication.com
174 KB
9 adform.net
track.adform.net
s1.adform.net
86 KB
8 nytcdn.com
mn.nytcdn.com
43 KB
7 rubiconproject.com
prebid-server.rubiconproject.com
fastlane.rubiconproject.com
beacon-eu-ams3.rubiconproject.com
eus.rubiconproject.com
7 KB
4 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
2 KB
4 gstatic.com
fonts.gstatic.com
38 KB
3 google.de
adservice.google.de
ampcid.google.de
www.google.de
763 B
3 google.com
ampcid.google.com
adservice.google.com
www.google.com
879 B
3 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
74 KB
3 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
12 KB
3 google-analytics.com
www.google-analytics.com
18 KB
3 criteo.net
static.criteo.net
32 KB
2 facebook.com
www.facebook.com
525 B
2 facebook.net
connect.facebook.net
165 KB
2 ampproject.org
cdn.ampproject.org
86 KB
2 googletagservices.com
www.googletagservices.com
54 KB
2 demdex.net
samsungturkey.demdex.net
2 KB
2 4dex.io
script.4dex.io
20 KB
2 agkn.com
js.agkn.com
d.agkn.com
4 KB
2 w.org
s.w.org
1008 B
2 googletagmanager.com
www.googletagmanager.com
81 KB
1 lijit.com
ap.lijit.com
575 B
1 nefisyemektarifleri.net
static.nefisyemektarifleri.net
1 KB
0 adsrvr.org Failed
match.adsrvr.org Failed
170 27
Domain Requested by
37 i.nefisyemektarifleri.com 176.9.92.137
18 ng.virgul.com static.virgul.com
176.9.92.137
12 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
176.9.92.137
10 c.nefisyemektarifleri.com 176.9.92.137
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
176.9.92.137
cdn.ampproject.org
tpc.googlesyndication.com
8 mn.nytcdn.com 176.9.92.137
7 ng2.virgul.com static.virgul.com
6 track.adform.net 176.9.92.137
s1.adform.net
5 pagead2.googlesyndication.com static.virgul.com
securepubads.g.doubleclick.net
4 fonts.gstatic.com 176.9.92.137
3 s1.adform.net track.adform.net
s1.adform.net
176.9.92.137
3 fastlane.rubiconproject.com static.virgul.com
3 www.google-analytics.com www.googletagmanager.com
176.9.92.137
3 static.virgul.com 176.9.92.137
static.virgul.com
3 static.criteo.net 176.9.92.137
2 www.facebook.com
2 connect.facebook.net 176.9.92.137
connect.facebook.net
2 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
2 eus.rubiconproject.com 176.9.92.137
static.virgul.com
2 ad.doubleclick.net 1 redirects 176.9.92.137
2 cdn.ampproject.org securepubads.g.doubleclick.net
2 www.googletagservices.com securepubads.g.doubleclick.net
2 samsungturkey.demdex.net 1 redirects 176.9.92.137
2 bidder.criteo.com static.criteo.net
2 script.4dex.io static.virgul.com
script.4dex.io
2 ads.pubmatic.com static.virgul.com
2 s.w.org 176.9.92.137
2 www.googletagmanager.com 176.9.92.137
1 beacon-eu-ams3.rubiconproject.com 176.9.92.137
1 5108c0169a02a2d0abaed8431efbdce9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 hbopenbid.pubmatic.com static.virgul.com
1 prebid-server.rubiconproject.com static.virgul.com
1 ap.lijit.com static.virgul.com
1 d.agkn.com js.agkn.com
1 js.agkn.com static.virgul.com
1 mug.criteo.com 176.9.92.137
1 gum.criteo.com 1 redirects
1 www.google.de 176.9.92.137
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 ampcid.google.de www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 ampcid.google.com www.google-analytics.com
1 tags.crwdcntrl.net www.googletagmanager.com
1 static.nefisyemektarifleri.net 176.9.92.137
0 match.adsrvr.org Failed ads.pubmatic.com
170 47
Subject Issuer Validity Valid
*.nefisyemektarifleri.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-05 -
2021-07-04		 a year crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2020-06-22 -
2020-09-20		 3 months crt.sh
*.virgul.com
COMODO RSA Domain Validation Secure Server CA		 2017-08-17 -
2020-09-28		 3 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
mn.nytcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-20 -
2021-03-20		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-11 -
2021-07-11		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA		 2019-12-19 -
2021-12-18		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-06-22 -
2020-09-20		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh

This page contains 18 frames:

Primary Page: http://176.9.92.137/
Frame ID: 8E179B091A2B1C039A701B6568EA26C8
Requests: 133 HTTP requests in this frame

Frame: https://ng2.virgul.com/ic/5e25888d6f82ad050a0138d8?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153183@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Frame ID: B8C69A4A79CB8575C8F81F85AA356E08
Requests: 1 HTTP requests in this frame

Frame: https://ng2.virgul.com/ic/5e2588ac6f82ad050a013a2c?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153188@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Frame ID: 8C57CF0C3CA963E67C974F1E49C544D4
Requests: 1 HTTP requests in this frame

Frame: https://ng2.virgul.com/ic/5e2588a66f82ad050a0139ec?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153191@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Frame ID: 63129D7DFEF4B2066E58AC5A8B2B0A5B
Requests: 1 HTTP requests in this frame

Frame: https://ng2.virgul.com/ic/5e2588ae6f82ad050a013a52?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153187@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Frame ID: CFC81D1899EA8FE469E83033C8F127C0
Requests: 1 HTTP requests in this frame

Frame: https://ng2.virgul.com/ic/5e2588ae6f82ad050a013a58?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153184@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Frame ID: 72D597A664C7FE873687166DABD03D27
Requests: 1 HTTP requests in this frame

Frame: https://ng2.virgul.com/ic/5e2588ae6f82ad050a013a56?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153185@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Frame ID: 5870D8E0421D3D5F0E2FE1A001B77828
Requests: 1 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=733207952&gdpr=&gdpr_consent=&ref=&bpid=noktacommedya&c=%7B%22bpid%22%3A%22noktacommedya%22%2C%22loc%22%3A%22http%3A%2F%2F176.9.92.137%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22nefisyemektarifleri%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22site_geneli%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: D8C0FEEB7C372B9929CB865ADD1E0C25
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 753502331889E4B62973C9C8B9317B9F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js
Frame ID: 8A0EDE8972700FD1BA82288A76118216
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: C9BDEA0B0F092A1868407B33FCD3FE58
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZvyBR_MjHqylCE5Uf1HH_LtGE4aIynRJdZ2JqFhwWv_Py8ids-mGH3IAv-rEASV1SMliLcZsJHWmhV1YwzJswIkRvs1Cdm1zXVrWE8MgMm46qHSDuyPNwWfdp14DlVRHW6kekyrOm2p5MOk7213TfQdzoYlOo8ivGm-0m-OLk_iGHC7OBOCK-vaHm9IhnPVav5EfXY8a1lfUJS89T-fN-6wUCsxV3QGoHVILnR4ssXjd_AJQMVLraFCKC_v_0YK8e0ENaYiwj4Gg&sai=AMfl-YSBjVmTHikNEnYI0vlN9iHtcip9b3goczQiizUWBKEO4vd_kuzvth9OorYrRLmGc1TkYT5dxv3ZaALKFxVqVqKBJCZjlmJxqxgJ8adgYQ&sig=Cg0ArKJSzNtrc2sX7j89EAE&urlfix=1&adurl=
Frame ID: AC40E98D2F7539B93B9ED857A026E379
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 8B560EFBEECB77BBF104DCCA5C0686EC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pl
Frame ID: 6307AC6F4E4BE935410AF26EF098BF35
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=14357/rand=896071899/pv=y/rt=ifr
Frame ID: 087116007F57FA99883F1E0ED39A10CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 43279175AD07F9216AA53AF1272B5CA6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8C9DCD996B47E644DA9FEB4BB2731F20
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2C9F4E6959B27D7BBAE5784957B48329
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

170
Requests

97 %
HTTPS

50 %
IPv6

27
Domains

47
Subdomains

40
IPs

10
Countries

1911 kB
Transfer

4327 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • http://www.googletagmanager.com/gtag/js?id=G-WGBDLK44E4&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-WGBDLK44E4&l=dataLayer&cx=c
Request Chain 78
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-258511-16&cid=1445147702.1595331758&jid=1074135833&gjid=943552606&_gid=1508115909.1595331758&_u=YCDAgEABAAQC~&z=297497043 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-258511-16&cid=1445147702.1595331758&jid=1074135833&_v=j83&z=297497043 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-258511-16&cid=1445147702.1595331758&jid=1074135833&_v=j83&z=297497043&slf_rd=1&random=644532387
Request Chain 79
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2F176.9.92.137%2F&domain=176.9.92.137&cw=1&pbt=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=1fMf13xUQ3h0NnFxUGFjVEJCSURnbTdhMldPRnFUTWtRZ3poV2pITDNvTysxTDhRNU42MnAzRFYrTTVXOEMzODZwd2xiY3hLb1ZVYXlWZ3A4eVMzOHQ2MEplTStvSElDVldHMncwckR1Vk9KbmQ5VVc2ZTdPOEVZZThPOHZHQStkMjZGeE94ck1lRU5veE44R2hjNi9rbS8zVzNmamtvY2EzUjdiZlZ0SHBQSjlJeXZUeEtoLytrdGhKaW5mMndYNWlZZEQ5S1cwVEEyd1FubFN0L1RWb3JqYUYzV3BkNWdIQnZhUWRHV2g2NEpKcjNLSVFjSUUyTitNRDdnWkNiUy9MejVxfA&cppv=2
Request Chain 99
  • https://samsungturkey.demdex.net/event?c_source=desktop&c_url=http%3A%2F%2F176.9.92.137%2F&c_site=nefisyemektarifleri&c_title=Nefis%20Yemek%20Tarifleri%20-%20Kolay%20ve%20Pratik%20Yemek%20Tarifleri&c_category=kategori&c_subcategory=&c_day=tuesday&c_time=lunch HTTP 302
  • https://samsungturkey.demdex.net/firstevent?c_source=desktop&c_url=http%3A%2F%2F176.9.92.137%2F&c_site=nefisyemektarifleri&c_title=Nefis%20Yemek%20Tarifleri%20-%20Kolay%20ve%20Pratik%20Yemek%20Tarifleri&c_category=kategori&c_subcategory=&c_day=tuesday&c_time=lunch
Request Chain 130
  • https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_trk_aid=429325705;dc_trk_cid=124426746;pb=value;ord=62381;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_pre=CLiYgPeh3uoCFcmAgwcd9G0IOQ;dc_trk_aid=429325705;dc_trk_cid=124426746;pb=value;ord=62381;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 142
  • https://bcp.crwdcntrl.net/5/c=14357/rand=896071899/pv=y/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=14357/rand=896071899/pv=y/rt=ifr

170 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
176.9.92.137/ 		169 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://176.9.92.137/
Protocol
HTTP/1.1
Server
176.9.92.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
/
Resource Hash
1c09d2be2d709bc3e5a3c556696aebb1bf254d937ac4e7b1e72f6ae518ca15cc

Request headers

Host
176.9.92.137
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Last-Modified
Mon, 20 Jul 2020 07:41:02 GMT
Content-Encoding
gzip
X-BNC
remote
X-R
1
cache-control
max-age=97890000
Content-Length
27143
Accept-Ranges
bytes
Date
Tue, 21 Jul 2020 11:42:36 GMT
Age
100894
Via
1.1 varnish
Connection
close
X-Cache
X-HIT
style-min.css
c.nefisyemektarifleri.com/wp-content/themes/nefistema/ 		200 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75aec09e5467d9d0f2f4158809f3e9ed23f71e9340f8df415d6139b9ff4c30de

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
4823526
x-cache
X-HIT
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0412c7dbb1000016e676ba2200000001
x-bnc
local
last-modified
Tue, 26 May 2020 15:41:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
cf-ray
5b64a8d91ec116e6-FRA
access-control-allow-headers
X-Requested-With
publishertag.js
static.criteo.net/js/ld/ 		103 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
488371624e2b23b5e2243c8a40fe23c82cfe992f6c7052421c66e982e68b2fec

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:36 GMT
content-encoding
gzip
last-modified
Wed, 01 Jul 2020 10:37:58 GMT
server
nginx
etag
W/"5efc6786-19a49"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Wed, 22 Jul 2020 11:42:36 GMT
style-print-min.css
c.nefisyemektarifleri.com/wp-content/themes/nefistema/ 		827 B
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-print-min.css?ver=102
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c55fbec08c4264b185f51a619b15f3010cbc3329532cd0b997df67b73f54b9

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
4828460
x-cache
X-HIT
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0412c7dc26000016e676bb4200000001
x-bnc
local
last-modified
Fri, 24 Jan 2020 14:29:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
cf-ray
5b64a8d9d88f16e6-FRA
access-control-allow-headers
X-Requested-With
yogurtlu-bulgur-salatasi-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/yogurtlu-bulgur-salatasi-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c499a2895e59b7744a80f33f7b66618f1064176517a2482a2d88d96e55447e43

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
2
cf-polished
origSize=25309, status=webp_bigger
x-cache
X-MISS
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23888
cf-request-id
0412c7dc26000016e676bab200000001
x-bnc
photonkunefe
last-modified
Tue, 21 Jul 2020 11:42:35 GMT
server
cloudflare
photon
remote
etag
"40ad95465e5dcbdf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8d9d88116e6-FRA
cf-bgj
imgq:100,h2pri
xa1579472359-fbf127387cfa8922668bfa5e14e387d4-bpthumb.jpg
i.nefisyemektarifleri.com/avatar/2020/01/19/3445133/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/avatar/2020/01/19/3445133/xa1579472359-fbf127387cfa8922668bfa5e14e387d4-bpthumb.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0397051fc31d1382bc5b1809f1a3c8e067bfd69e26f64eb3a62952c5526086a

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
2937230
cf-polished
origSize=11247, status=webp_bigger
x-cache
X-MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10594
cf-request-id
0412c7dc26000016e676baa200000001
x-bnc
local
last-modified
Sun, 19 Jan 2020 22:19:19 GMT
server
cloudflare
etag
"5e24d5e7-2bef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8d9d87d16e6-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
imgq:100,h2pri
kiraz-tatlisi-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/kiraz-tatlisi-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d21cb16f026aed82cbf5581001161ea1fb52b619bf50048ac587aab5b939e6e0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
104071
cf-polished
origSize=16610, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16180
cf-request-id
0412c7dc26000016e676bac200000001
x-bnc
photon
last-modified
Mon, 20 Jul 2020 06:37:45 GMT
server
cloudflare
photon
local
etag
"d281e2ebadf52f1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8d9d88216e6-FRA
cf-bgj
imgq:100,h2pri
xa1565941737-b29cecdfce526fad90960c486fef5e2c-bpthumb.jpg
i.nefisyemektarifleri.com/avatar/2019/08/16/2963855/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/avatar/2019/08/16/2963855/xa1565941737-b29cecdfce526fad90960c486fef5e2c-bpthumb.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97a4f7fb7aafec5f72a69ef4ccce75b46fe77eee5623b95766e0eca1cbee4f2d

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
103996
cf-polished
origSize=5220, status=webp_bigger
x-cache
X-MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4803
cf-request-id
0412c7dc26000016e676bad200000001
x-bnc
local
last-modified
Fri, 16 Aug 2019 07:48:57 GMT
server
cloudflare
etag
"5d565fe9-1464"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8d9d88316e6-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
imgq:100,h2pri
beyaz-cikolatali-supangle-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/beyaz-cikolatali-supangle-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7fd45eaeaf58c2d9dfe0d899469a85a572fd8516215329b4331210616776d5f

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
105073
cf-polished
origSize=16046, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15645
cf-request-id
0412c7dc26000016e676bae200000001
x-bnc
photonkunefe
last-modified
Mon, 20 Jul 2020 06:22:41 GMT
server
cloudflare
photon
remote
etag
"f8333f637b563485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8d9d88516e6-FRA
cf-bgj
imgq:100,h2pri
xa1591164220-efc9abad183ef57fcebbacbd7ceb5575-bpthumb.jpg
i.nefisyemektarifleri.com/avatar/2020/06/03/3699954/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/avatar/2020/06/03/3699954/xa1591164220-efc9abad183ef57fcebbacbd7ceb5575-bpthumb.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4ebde1f9367375f085b5435123e08526fa12b3d7cd90a2615b3b22e7dfbf29

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
1141131
cf-polished
origSize=7689, status=webp_bigger
x-cache
X-MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7225
cf-request-id
0412c7dc26000016e676baf200000001
x-bnc
remote
last-modified
Wed, 03 Jun 2020 06:03:40 GMT
server
cloudflare
etag
"5ed73d3c-1e09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
1
accept-ranges
bytes
cf-ray
5b64a8d9d88616e6-FRA
cf-bgj
imgq:100,h2pri
firinda-butun-tavuk-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/firinda-butun-tavuk-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26897ba4be6ae4605c3d445dba771e5e229fd66a3bbeb72cbc15a417cd31fed5

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
105072
cf-polished
origSize=18601, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17945
cf-request-id
0412c7dc5c000016e676bb6200000001
x-bnc
photon
last-modified
Mon, 20 Jul 2020 06:19:33 GMT
server
cloudflare
photon
local
etag
"45daa258063b4baa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da296e16e6-FRA
cf-bgj
imgq:100,h2pri
xa1505564210-b9da808c6af7f2ea1d5ad39fd055bf5e-bpthumb.jpg
i.nefisyemektarifleri.com/avatar/2017/09/16/1351892/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/avatar/2017/09/16/1351892/xa1505564210-b9da808c6af7f2ea1d5ad39fd055bf5e-bpthumb.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfdcb66ce83376872be3d63cee3155a7737b92b9b89d9a5385ac12a597604ed1

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
163419
cf-polished
origSize=3979, status=webp_bigger
x-cache
X-MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3609
cf-request-id
0412c7dc5c000016e676bb7200000001
x-bnc
local
last-modified
Sat, 16 Sep 2017 12:16:50 GMT
server
cloudflare
etag
"59bd1632-f8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da297016e6-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
imgq:100,h2pri
cikolatali-pasta-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/cikolatali-pasta-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3920a2264135d609d3031e5f4b9b0a1c8b39fed08cc60036eb6583603aaf914b

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
106033
cf-polished
origSize=18904, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18205
cf-request-id
0412c7dc5d000016e676bb8200000001
x-bnc
photon
last-modified
Mon, 20 Jul 2020 06:06:52 GMT
server
cloudflare
photon
local
etag
"d9cd850f16c399af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da297916e6-FRA
cf-bgj
imgq:100,h2pri
firin-sutlac-tarifim-6-kisilik-toprak-guvec-kabinda-1-320x213.jpg
i.nefisyemektarifleri.com/2020/07/19/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/19/firin-sutlac-tarifim-6-kisilik-toprak-guvec-kabinda-1-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd3f0aa44cebd94ff82613261f00653e3cd3f6fe1d91a63b7bc928202e16e16c

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
156802
cf-polished
origSize=19077, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18475
cf-request-id
0412c7dc5d000016e676bb9200000001
x-bnc
photonkunefe
last-modified
Sun, 19 Jul 2020 16:07:03 GMT
server
cloudflare
photon
remote
etag
"778e6b55f174e524"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da297c16e6-FRA
cf-bgj
imgq:100,h2pri
xa1573483699-fad181e2ff477911d595b8d8fdd25b36-bpthumb.jpg
i.nefisyemektarifleri.com/avatar/2019/11/11/2561352/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/avatar/2019/11/11/2561352/xa1573483699-fad181e2ff477911d595b8d8fdd25b36-bpthumb.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db087f4cf06a580ec8564077755aeecaaeba86fb0632317ca2102a885d5063f9

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
710096
cf-polished
origSize=15372, status=webp_bigger
x-cache
X-MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14204
cf-request-id
0412c7dc5d000016e676bba200000001
x-bnc
local
last-modified
Mon, 11 Nov 2019 14:48:19 GMT
server
cloudflare
etag
"5dc974b3-3c0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da298116e6-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
imgq:100,h2pri
dalindan-taze-taze-kayisi-suyu-320x213.jpg
i.nefisyemektarifleri.com/2020/07/19/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/19/dalindan-taze-taze-kayisi-suyu-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fdf7ecc271dfe1b62737be233be9880363a6395831bdb1bee4fb0306ddbe1b4

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
142950
cf-polished
origSize=16563, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16060
cf-request-id
0412c7dc5d000016e676bbb200000001
x-bnc
photonkunefe
last-modified
Sun, 19 Jul 2020 19:46:39 GMT
server
cloudflare
photon
remote
etag
"4ea315133588b8ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da298216e6-FRA
cf-bgj
imgq:100,h2pri
xa1582408692-4085cf22385a430b81e8bb9a6b8cad4a-bpthumb.jpg
i.nefisyemektarifleri.com/avatar/2020/02/22/2005959/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/avatar/2020/02/22/2005959/xa1582408692-4085cf22385a430b81e8bb9a6b8cad4a-bpthumb.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e0d9e5288b3807279fbc567aaf9b4d140e3e2d78f3e0728251fc5b8fd303e8

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
275423
cf-polished
origSize=11404, status=webp_bigger
x-cache
X-MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10530
cf-request-id
0412c7dc6b000016e676bc1200000001
x-bnc
local
last-modified
Sat, 22 Feb 2020 21:58:12 GMT
server
cloudflare
etag
"5e51a3f4-2c8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da49bd16e6-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
imgq:100,h2pri
nohutlu-semizotu-salatasi-320x213.jpg
i.nefisyemektarifleri.com/2020/07/19/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/19/nohutlu-semizotu-salatasi-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf8fb06163cf8a726373ac8f00b3a23b4a02de1c6ed045bc4b84071421f2d1f2

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
138471
cf-polished
origSize=24628, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23213
cf-request-id
0412c7dc6b000016e676bc2200000001
x-bnc
photon
last-modified
Sun, 19 Jul 2020 21:06:36 GMT
server
cloudflare
photon
local
etag
"1b4789cf840d9423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da49c116e6-FRA
cf-bgj
imgq:100,h2pri
nyt-yazar-avatar.jpg
i.nefisyemektarifleri.com/2018/02/01/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2018/02/01/nyt-yazar-avatar.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10662d594e623f0caf8c42148d6f98e4caf9e6c1566ccd3eef75909787743a6a

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
4842790
cf-polished
status=not_needed
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1106
cf-request-id
0412c7dc77000016e676bc3200000001
x-bnc
photon
last-modified
Tue, 26 May 2020 08:23:03 GMT
server
cloudflare
photon
remote
etag
"b8968f301bca37bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da59ec16e6-FRA
cf-bgj
imgq:100,h2pri
susamli-kuru-cayli-kurabiye-320x213.jpg
i.nefisyemektarifleri.com/2020/07/19/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/19/susamli-kuru-cayli-kurabiye-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8489fba8a5561cc5f15c866f42cd94eb07b1ac4d713f66c352689fe78558469

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
187430
cf-polished
origSize=20137, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19236
cf-request-id
0412c7dc78000016e676bc4200000001
x-bnc
photon
last-modified
Sun, 19 Jul 2020 07:32:44 GMT
server
cloudflare
photon
local
etag
"0178dc5de0ad8c7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da59f616e6-FRA
cf-bgj
imgq:100,h2pri
xa1588705331-189628ed130ef1fdc8e0eb199bd03be2-bpthumb.jpg
i.nefisyemektarifleri.com/avatar/2020/05/05/1653101/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/avatar/2020/05/05/1653101/xa1588705331-189628ed130ef1fdc8e0eb199bd03be2-bpthumb.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a52632666d0c48a001d812b10401b6d6d8d88f0ffbd49c9f9bc58d95715b7

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
185236
cf-polished
origSize=12043, status=webp_bigger
x-cache
X-MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11278
cf-request-id
0412c7dc78000016e676bc5200000001
x-bnc
remote
last-modified
Tue, 05 May 2020 19:02:11 GMT
server
cloudflare
etag
"5eb1b833-2f0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
1
accept-ranges
bytes
cf-ray
5b64a8da59fa16e6-FRA
cf-bgj
imgq:100,h2pri
erik-suyu-videolu-320x213.jpg
i.nefisyemektarifleri.com/2020/07/19/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/19/erik-suyu-videolu-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8092a6f926c93052c0a491c68242410a34e6254248c58c4e02697729b581d0b2

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
172633
cf-polished
origSize=20284, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19589
cf-request-id
0412c7dc78000016e676bc6200000001
x-bnc
photon
last-modified
Sun, 19 Jul 2020 11:43:18 GMT
server
cloudflare
photon
local
etag
"33990ec7a4fbd771"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da59fc16e6-FRA
cf-bgj
imgq:100,h2pri
xa1588370105-bf78924c990e28003efabf3a8a5607e9-bpthumb.jpg
i.nefisyemektarifleri.com/avatar/2020/05/01/3397664/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/avatar/2020/05/01/3397664/xa1588370105-bf78924c990e28003efabf3a8a5607e9-bpthumb.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58bccf1d72601c43106ef30ca2955b5cf82cfbca6020fb5d4344c67cefd873a8

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
1123759
cf-polished
origSize=11459, status=webp_bigger
x-cache
X-MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10716
cf-request-id
0412c7dc7c000016e676bc7200000001
x-bnc
remote
last-modified
Fri, 01 May 2020 21:55:05 GMT
server
cloudflare
etag
"5eac9ab9-2cc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
1
accept-ranges
bytes
cf-ray
5b64a8da6a1016e6-FRA
cf-bgj
imgq:100,h2pri
tum_tarifler_img.jpg
i.nefisyemektarifleri.com/2017/01/31/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2017/01/31/tum_tarifler_img.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ed12228e776748b0d101a72a45a3843a5ecf19873a1467483d2e202852441

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
4842810
cf-polished
origSize=18427, status=webp_bigger
x-cache
X-MISS
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17644
cf-request-id
0412c7dc7c000016e676bc8200000001
x-bnc
photonkunefe
last-modified
Tue, 26 May 2020 10:29:07 GMT
server
cloudflare
photon
remote
etag
"77601842b9820b7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8da6a1416e6-FRA
cf-bgj
imgq:100,h2pri
1x1.gif
c.nefisyemektarifleri.com/wp-content/ 		34 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.nefisyemektarifleri.com/wp-content/1x1.gif
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
307491
cf-polished
origFmt=gif, origSize=42
x-cache
X-HIT
status
200
content-disposition
inline; filename="1x1.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34
cf-request-id
0412c7dc26000016e676bb0200000001
x-bnc
local
last-modified
Mon, 28 Oct 2019 15:26:32 GMT
server
cloudflare
etag
"5db708a8-2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8d9d88916e6-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
imgq:100,h2pri
spinner_white.gif
c.nefisyemektarifleri.com//wp-content/plugins/wp-fb-autoconnect/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.nefisyemektarifleri.com//wp-content/plugins/wp-fb-autoconnect/assets/spinner_white.gif
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8eb0f5543923bdfbb83d9b787939792ad6b569281cfc77797b28bdb8d30c1d7

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
4828544
cf-polished
origSize=1849, status=webp_bigger
x-cache
X-HIT
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1490
cf-request-id
0412c7dc26000016e676bb1200000001
x-bnc
local
last-modified
Tue, 07 Apr 2015 14:55:04 GMT
server
cloudflare
etag
"5523efc8-739"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8d9d88a16e6-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
imgq:100,h2pri
ajax-loader.gif
c.nefisyemektarifleri.com/wp-content/themes/nefistema/images/ 		440 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/images/ajax-loader.gif
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc2cb0c9a660884fd7cae62a1580fa40a40d2c76cd5947d9e5e013aafd7367a0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
4828544
cf-polished
origSize=457, status=webp_bigger
x-cache
X-HIT
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
440
cf-request-id
0412c7dc26000016e676bb2200000001
x-bnc
local
last-modified
Tue, 07 Apr 2015 14:55:04 GMT
server
cloudflare
etag
"5523efc8-1c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8d9d88b16e6-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
imgq:100,h2pri
ads.js
c.nefisyemektarifleri.com/wp-content/assets/js/ 		22 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.nefisyemektarifleri.com/wp-content/assets/js/ads.js
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7c9b72b83effd2a37450d5431f9a732620ebfb73244a5b2d80a716e33ba2ca9

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
4828544
cf-polished
origSize=24
x-cache
X-HIT
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22
cf-request-id
0412c7dc26000016e676bb3200000001
x-bnc
local
last-modified
Tue, 04 Apr 2017 20:32:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8d9d88d16e6-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
minify
jquery.js
c.nefisyemektarifleri.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.nefisyemektarifleri.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
4828461
x-cache
X-HIT
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0412c7dbe9000016e676ba5200000001
x-bnc
local
last-modified
Thu, 27 Jun 2019 07:05:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
cf-ray
5b64a8d97fa916e6-FRA
access-control-allow-headers
X-Requested-With
jquery-migrate.min.js
c.nefisyemektarifleri.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.nefisyemektarifleri.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.11.0
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
4828461
x-cache
X-HIT
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0412c7dbe9000016e676ba6200000001
x-bnc
local
last-modified
Tue, 19 Jul 2016 20:18:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
cf-ray
5b64a8d97fac16e6-FRA
access-control-allow-headers
X-Requested-With
nefistema-min-v2.js
c.nefisyemektarifleri.com/wp-content/themes/nefistema/js/ 		170 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/js/nefistema-min-v2.js?ver=112412
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb37376455a1993425a374c474385b86482f2f2f61ac930e0bb7bd216dd46cf0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
4777704
x-cache
X-HIT
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0412c7dc16000016e676ba7200000001
x-bnc
local
last-modified
Thu, 23 Apr 2020 11:06:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
cf-ray
5b64a8d9b84016e6-FRA
access-control-allow-headers
X-Requested-With
outside.js
static.virgul.com/theme/mockups/adcode/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
4f535d5ad52240b624fb581075f1702ebc4a1014b9402c6931f893bc9d822b22

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Jul 2020 09:24:10 GMT
Server
openresty/1.9.7.3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 28 Jul 2020 11:42:37 GMT
gtm.js
www.googletagmanager.com/ 		124 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFXWLS3
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
513d6ea74b29baab297d105452e6aecc77ebf7b0403697432664e7e0080febd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36426
x-xss-protection
0
last-modified
Tue, 21 Jul 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jul 2020 11:42:37 GMT
bg.png
mn.nytcdn.com/wp-content/themes/nefistema/images/bg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mn.nytcdn.com/wp-content/themes/nefistema/images/bg/bg.png
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.119 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2148 /
Resource Hash
06d77b2acaee76b08f69fce135dca0db0d5b6dc8d9102334c88b98fb831b20d6

Request headers

Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
age
1
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-cache
X-HIT
status
200
content-length
1589
x-bnc
local
last-modified
Tue, 07 Apr 2015 14:55:04 GMT
server
MNCDN-2148
etag
"5523efc8-635"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-mserver
2200
nyt-sprite26.png
mn.nytcdn.com/wp-content/themes/nefistema/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mn.nytcdn.com/wp-content/themes/nefistema/images/nyt-sprite26.png?v1
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.119 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2148 /
Resource Hash
c97a58eaacad7f6e1a1b0b6a92987b68301be2df6399f3c34104170b069e8af7

Request headers

Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
age
1
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-cache
X-HIT
status
200
content-length
34199
x-bnc
local
last-modified
Thu, 06 Feb 2020 14:56:59 GMT
server
MNCDN-2148
etag
"5e3c293b-8597"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-mserver
2200
header_bg.png
mn.nytcdn.com/wp-content/themes/nefistema/images/bg/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mn.nytcdn.com/wp-content/themes/nefistema/images/bg/header_bg.png
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.119 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2148 /
Resource Hash
82fa4edcb8f458a88938a6f360b66b41c12fd95f98d53d6d4016d58687b68a3d

Request headers

Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
age
1792
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-cache
X-HIT
status
200
content-length
4795
x-bnc
local
last-modified
Tue, 07 Apr 2015 14:55:04 GMT
server
MNCDN-2148
etag
"5523efc8-12bb"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-mserver
2200
cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v13/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
Origin
http://176.9.92.137

Response headers

date
Fri, 12 Jun 2020 13:36:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:45:29 GMT
server
sffe
age
3362789
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10352
x-xss-protection
0
expires
Sat, 12 Jun 2021 13:36:08 GMT
xjAJXh38I15wypJXxuGMBogp9Q8gbYrhqGlRav_IXfk.woff2
fonts.gstatic.com/s/opensans/v13/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v13/xjAJXh38I15wypJXxuGMBogp9Q8gbYrhqGlRav_IXfk.woff2
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
714a7833e206f7badfb389684a5f9be4ca3460a74ae5607dcd34ca291f7dc26e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
Origin
http://176.9.92.137

Response headers

date
Fri, 12 Jun 2020 13:25:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:45:27 GMT
server
sffe
age
3363450
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10920
x-xss-protection
0
expires
Sat, 12 Jun 2021 13:25:07 GMT
xjAJXh38I15wypJXxuGMBqE8kM4xWR1_1bYURRojRGc.woff2
fonts.gstatic.com/s/opensans/v13/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v13/xjAJXh38I15wypJXxuGMBqE8kM4xWR1_1bYURRojRGc.woff2
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fdfcb86b2f16ee70e2f5592dfad1a679ad4b13097ae08ca32d595efa73d7db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
Origin
http://176.9.92.137

Response headers

date
Tue, 09 Jun 2020 03:15:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:46:21 GMT
server
sffe
age
3659232
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8604
x-xss-protection
0
expires
Wed, 09 Jun 2021 03:15:25 GMT
u-WUoqrET9fUeobQW7jkRYX0hVgzZQUfRDuZrPvH3D8.woff2
fonts.gstatic.com/s/opensans/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v13/u-WUoqrET9fUeobQW7jkRYX0hVgzZQUfRDuZrPvH3D8.woff2
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e5b8e25541257e9ccea8199657b27ee53af841ce6d58b9baebc547ae48d28f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
Origin
http://176.9.92.137

Response headers

date
Fri, 12 Jun 2020 13:32:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:46:33 GMT
server
sffe
age
3363022
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8224
x-xss-protection
0
expires
Sat, 12 Jun 2021 13:32:15 GMT
widget_bg.png
mn.nytcdn.com/wp-content/themes/nefistema/images/bg/ 		91 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mn.nytcdn.com/wp-content/themes/nefistema/images/bg/widget_bg.png
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.119 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2148 /
Resource Hash
73c9864c6fc5df6f35c9b03cc9eb1e8e72956efe1cbc004e0f44729b0d03cc3f

Request headers

Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
age
164
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-cache
X-HIT
status
200
content-length
91
x-bnc
local
last-modified
Tue, 07 Apr 2015 14:55:04 GMT
server
MNCDN-2148
etag
"5523efc8-5b"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-mserver
2200
widget_header_bg.png
mn.nytcdn.com/wp-content/themes/nefistema/images/bg/ 		91 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mn.nytcdn.com/wp-content/themes/nefistema/images/bg/widget_header_bg.png
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.119 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2148 /
Resource Hash
c029284ad7c78a2e4fc922a7101c0746eb0404049656b51fafe9ca6666d026bf

Request headers

Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
age
1
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-cache
X-HIT
status
200
content-length
91
x-bnc
local
last-modified
Tue, 07 Apr 2015 14:55:04 GMT
server
MNCDN-2148
etag
"5523efc8-5b"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-mserver
2200
tarif_right_bg.png
mn.nytcdn.com/wp-content/themes/nefistema/images/bg/ 		91 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mn.nytcdn.com/wp-content/themes/nefistema/images/bg/tarif_right_bg.png
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.119 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2148 /
Resource Hash
261d5f75bd2ea7330cbf381e921746b1ecf9d062216a23634d4ff388e0c3fe12

Request headers

Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
age
2
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-cache
X-HIT
status
200
content-length
91
x-bnc
local
last-modified
Tue, 07 Apr 2015 14:55:04 GMT
server
MNCDN-2148
etag
"5523efc8-5b"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-mserver
2200
widget_bg_current.png
mn.nytcdn.com/wp-content/themes/nefistema/images/bg/ 		91 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mn.nytcdn.com/wp-content/themes/nefistema/images/bg/widget_bg_current.png
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.119 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2148 /
Resource Hash
44d66acc68e9f70e2694f74f0f21431eeba08158cd455045c6b6be4292c896f0

Request headers

Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
age
69
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-cache
X-HIT
status
200
content-length
91
x-bnc
local
last-modified
Tue, 07 Apr 2015 14:55:04 GMT
server
MNCDN-2148
etag
"5523efc8-5b"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-mserver
2200
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 16 Jul 2021 11:42:37 GMT
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 16 Jul 2021 11:42:37 GMT
cat_widget_bg.png
mn.nytcdn.com/wp-content/themes/nefistema/images/bg/ 		91 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mn.nytcdn.com/wp-content/themes/nefistema/images/bg/cat_widget_bg.png
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.119 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2148 /
Resource Hash
2a0568297b4d132e1e66fc33f519a3a3d3a4eee719b9b83fabe7c1d3fa34dcbc

Request headers

Referer
https://c.nefisyemektarifleri.com/wp-content/themes/nefistema/style-min.css?ver=112407
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
age
1
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-cache
X-HIT
status
200
content-length
91
x-bnc
local
last-modified
Tue, 07 Apr 2015 14:55:04 GMT
server
MNCDN-2148
etag
"5523efc8-5b"
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-mserver
2200
wp-emoji-release.min.js
c.nefisyemektarifleri.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.nefisyemektarifleri.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.4
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
3443285
x-cache
X-HIT
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0412c7de48000016e676be3200000001
x-bnc
local
last-modified
Sat, 14 Mar 2020 21:36:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
cf-ray
5b64a8dd490d16e6-FRA
access-control-allow-headers
X-Requested-With
rating_over.png
static.nefisyemektarifleri.net/plugins/wp-postratings/images/stars(png)/ 		605 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nefisyemektarifleri.net/plugins/wp-postratings/images/stars(png)/rating_over.png
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c1c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8c45116e54a23e3e851b31c93d45ddd97a7817668ccd5d139c8f40053a709d4

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
2894994
x-cache
X-HIT
status
200
content-length
605
cf-request-id
0412c7deaf0000dfe36234f200000001
x-bnc
local
last-modified
Sun, 10 Mar 2019 22:32:26 GMT
server
cloudflare
etag
"5c85907a-25d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8ddee59dfe3-FRA
access-control-allow-headers
X-Requested-With
nefis-kremasiyla-cikolata-parcali-pasta-1.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/nefis-kremasiyla-cikolata-parcali-pasta-1.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483109897bbfaedefd401d860430ee3300626493e53dcf0a8bc545fe1290dfb7

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
100314
cf-polished
origSize=43385, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42331
cf-request-id
0412c7decf000016e676be7200000001
x-bnc
photonkunefe
last-modified
Mon, 20 Jul 2020 07:39:03 GMT
server
cloudflare
photon
remote
etag
"648f898d84f90783"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de1acc16e6-FRA
cf-bgj
imgq:100,h2pri
sut-receli.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/sut-receli.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4edc88905d624008e195c981b137de3c9b60073adcec5696d2126a014082d7e

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
90230
cf-polished
origSize=63250, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60434
cf-request-id
0412c7ded0000016e676be8200000001
x-bnc
photon
last-modified
Mon, 20 Jul 2020 10:38:19 GMT
server
cloudflare
photon
local
etag
"320f303b5140c3b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de1acf16e6-FRA
cf-bgj
imgq:100,h2pri
pancar-tursulu-makarna-salatasi-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/pancar-tursulu-makarna-salatasi-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b14bfaba58d2340abd8549b91bbc10de1291a32b8839cc0c648ed31a620089a

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
1
cf-polished
origSize=20065, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19198
cf-request-id
0412c7ded1000016e676bea200000001
x-bnc
photonkunefe
last-modified
Tue, 21 Jul 2020 11:37:37 GMT
server
cloudflare
photon
remote
etag
"f231bbbf1c7284cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de1ad516e6-FRA
cf-bgj
imgq:100,h2pri
ege-guzeli-kurutulmus-domates-ve-yesil-zeytinli-cesni-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/ege-guzeli-kurutulmus-domates-ve-yesil-zeytinli-cesni-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
784733c218ed9da09c28e7a022c5de1de69ab0a48bd8382e6e75dae37dc3ec41

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
101120
cf-polished
origSize=17414, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16882
cf-request-id
0412c7ded2000016e676beb200000001
x-bnc
photonkunefe
last-modified
Mon, 20 Jul 2020 07:35:00 GMT
server
cloudflare
photon
remote
etag
"dde32cde103d2584"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de1adb16e6-FRA
cf-bgj
imgq:100,h2pri
nohut-salatasi-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/nohut-salatasi-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6425c424e610cb43349aa555c085744ba567c91fd1f1bda975f13224aab27f0b

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
101120
cf-polished
origSize=20289, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19494
cf-request-id
0412c7ded4000016e676bec200000001
x-bnc
photonkunefe
last-modified
Mon, 20 Jul 2020 07:32:45 GMT
server
cloudflare
photon
remote
etag
"a974281c936c01f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de2ae316e6-FRA
cf-bgj
imgq:100,h2pri
hashasli-corek-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/hashasli-corek-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
345e2a5eca229ef4264ac9f1a96da025f926d90d8b50f8858b3629dd64b42508

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
101043
cf-polished
origSize=20676, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20061
cf-request-id
0412c7dee0000016e676bee200000001
x-bnc
photonkunefe
last-modified
Mon, 20 Jul 2020 07:31:59 GMT
server
cloudflare
photon
remote
etag
"83f872900c6351aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de3b0b16e6-FRA
cf-bgj
imgq:100,h2pri
islak-kurabiye-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/islak-kurabiye-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c6dd0c57b6fb75cda25a2cb611c97303472978d5af5c92537fa020d1d112f57

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
101026
cf-polished
origSize=24985, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23865
cf-request-id
0412c7deea000016e676bef200000001
x-bnc
photonkunefe
last-modified
Mon, 20 Jul 2020 07:30:20 GMT
server
cloudflare
photon
remote
etag
"884e5b0bab7f135c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de4b4116e6-FRA
cf-bgj
imgq:100,h2pri
cilekli-smoothie-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/cilekli-smoothie-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b33bbaf93eac4b167141f79f6bc46cf7feec35678d30e89415eb72ba060d28b

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
101026
cf-polished
origSize=12692, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12622
cf-request-id
0412c7deea000016e676bf0200000001
x-bnc
photonkunefe
last-modified
Mon, 20 Jul 2020 07:28:57 GMT
server
cloudflare
photon
remote
etag
"256e2ab2492b5590"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de4b4416e6-FRA
cf-bgj
imgq:100,h2pri
limonlu-kek-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/limonlu-kek-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
528ef8aadc1beaa0c03edc1bf1cd551389facdd9e3688aabf8779ca0b4e9bbe3

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
101025
cf-polished
origSize=25071, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23858
cf-request-id
0412c7deea000016e676bf1200000001
x-bnc
photonkunefe
last-modified
Mon, 20 Jul 2020 07:28:27 GMT
server
cloudflare
photon
remote
etag
"00bcf05af2395424"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de4b4616e6-FRA
cf-bgj
imgq:100,h2pri
dondurmali-soguk-kahve-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/dondurmali-soguk-kahve-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e54d34403c133b352743e8e931d57561fb4bde61182196bd5186a8a27c6183d3

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
101690
cf-polished
origSize=7242, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7181
cf-request-id
0412c7deea000016e676bf2200000001
x-bnc
photonkunefe
last-modified
Mon, 20 Jul 2020 07:27:07 GMT
server
cloudflare
photon
remote
etag
"1da333e53670257b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de4b4916e6-FRA
cf-bgj
imgq:100,h2pri
visneli-kek-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/visneli-kek-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee1b5685f7ade0659c8ef8b533daf4bab8ce173619b98a16286d411be3db1b6c

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
101690
cf-polished
origSize=14577, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14270
cf-request-id
0412c7deea000016e676bf3200000001
x-bnc
photon
last-modified
Mon, 20 Jul 2020 07:22:56 GMT
server
cloudflare
photon
local
etag
"8dd94cbffc9ab500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de4b4d16e6-FRA
cf-bgj
imgq:100,h2pri
kahveli-ve-muzlu-milkshake-1-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/kahveli-ve-muzlu-milkshake-1-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d112ec6d473dc6789d4650ffc8c2162d2bfd625c65963667feee3ac464e87755

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
101690
cf-polished
origSize=12076, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11726
cf-request-id
0412c7def2000016e676bf5200000001
x-bnc
photonkunefe
last-modified
Mon, 20 Jul 2020 07:22:56 GMT
server
cloudflare
photon
remote
etag
"25f70e40ce18cec5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de5b6716e6-FRA
cf-bgj
imgq:100,h2pri
firin-sutlac-320x213.jpg
i.nefisyemektarifleri.com/2020/07/20/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/20/firin-sutlac-320x213.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c155e73382a609c3670999efd2a5031a2953ba056680a1c8124a493e1d56e03e

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
via
1.1 varnish
cf-cache-status
HIT
age
101690
cf-polished
origSize=23090, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22001
cf-request-id
0412c7df0d000016e676bfa200000001
x-bnc
photon
last-modified
Mon, 20 Jul 2020 07:22:56 GMT
server
cloudflare
photon
local
etag
"e4a79cb95fa49874"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8de7bd416e6-FRA
cf-bgj
imgq:100,h2pri
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-WGBDLK44E4&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-WGBDLK44E4&l=dataLayer&cx=c
119 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WGBDLK44E4&l=dataLayer&cx=c
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be45b9e75522fb8d43d58f24ed1269a7cb1db9326058301ef2c30b217082c543
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46454
x-xss-protection
0
expires
Tue, 21 Jul 2020 11:42:37 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-WGBDLK44E4&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFXWLS3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
2779
date
Tue, 21 Jul 2020 10:56:18 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Tue, 21 Jul 2020 12:56:18 GMT
cc_af.js
tags.crwdcntrl.net/c/14357/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/14357/cc_af.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFXWLS3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93daf4624cd99525cadf79bf6e4e57f48a95ffee2076dc468bdc6834a14f6782

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 00:55:32 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 06:22:34 GMT
server
AmazonS3
age
38826
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
status
200
cache-control
max-age: 86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
kB8dlz5dN2Vlj99Pg9QA3MO6mJj0PQL_u-iDjhe4jODFhfkxJja2pg==
via
1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
2668.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 		2 KB
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/12.0.0-1/svg/2668.svg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0202f0901fac2f921d73cc1016166ed7974cc4301e7c64a04568555382861701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT fra 1
date
Tue, 21 Jul 2020 11:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2019 05:13:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
2763.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 		229 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/12.0.0-1/svg/2763.svg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e9b43935ed448dca473a0f5614b01ef92bc2d3d2b938474dffc579f04e42bc26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT fra 1
date
Tue, 21 Jul 2020 11:42:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2019 05:13:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
accept-ranges
bytes
content-length
229
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03b0b59c315a3f33532088d516f901b9796cc627342740fa856f56dd9292b0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"577 / 70 of 1000 / last-modified: 1595282969"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16713
x-xss-protection
0
expires
Tue, 21 Jul 2020 11:42:38 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/159432/2452/ 		244 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.pubmatic.com/AdServer/js/pwt/159432/2452/pwt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Server
92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
eededc0d35904166aec066b178e6f024f98c6be4c5a1b7dc82da221b25808c0a

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Jul 2020 13:55:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"10a11fa-3cf34-5aa16b1a49e29"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=32005
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
75395
Expires
Tue, 21 Jul 2020 20:36:02 GMT
pageview
ng.virgul.com/ 		34 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1595331757864&v=http%3A%2F%2F176.9.92.137%2F&r=nefisyemektarifleri:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1&info=&ref=
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
592b055e38f1c2bfbd1b925ce546b93990f31ea2f945a57d6d939eadfc55e997

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Encoding
gzip
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Content-Length
5006
Expires
Tue, 16 Apr 2013 10:49:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		117 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11037886dcca7f8822aa69fe62a5718cbd1b8577057948bb8647fc06164a0b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42342
x-xss-protection
0
server
cafe
etag
14020070618890364554
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Jul 2020 11:42:37 GMT
5a1fd588e4b0ef73064d303f
ng.virgul.com/tck/imp/ 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/imp/5a1fd588e4b0ef73064d303f?l=&t=special&r=2216@site_geneli@nefisyemektarifleri:site_geneli&userId=
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:38 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Jul 2020 11:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://176.9.92.137
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
73 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WGBDLK44E4&gtm=2oe783&_p=781304305&sr=1600x1200&ul=en-us&cid=1445147702.1595331758&_s=1&dl=http%3A%2F%2F176.9.92.137%2F&dr=&dt=Nefis%20Yemek%20Tarifleri%20-%20Kolay%20ve%20Pratik%20Yemek%20Tarifleri&sid=1595331757&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&up.user_login=false&up.post_type=Ana%20Sayfa
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WGBDLK44E4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:37 GMT
server
Golfe2
status
204
content-type
text/plain
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=176.9.92.137
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Jul 2020 11:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=176.9.92.137
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Jul 2020 11:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
publisher:getClientId
ampcid.google.de/v1/ 		3 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Jul 2020 11:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://176.9.92.137
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
prebid3.25.0.js
static.virgul.com/theme/mockups/outside/ 		317 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
932f2b501cee670fc5a5ff2566926a652497d9b7194c3b15579a9c0c3baf0f69

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Jul 2020 09:21:18 GMT
Server
openresty/1.9.7.3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 28 Jul 2020 11:42:38 GMT
collect
www.google-analytics.com/ 		35 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=781304305&t=pageview&_s=1&dl=http%3A%2F%2F176.9.92.137%2F&ul=en-us&de=UTF-8&dt=Nefis%20Yemek%20Tarifleri%20-%20Kolay%20ve%20Pratik%20Yemek%20Tarifleri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAQC~&jid=1074135833&gjid=943552606&cid=1445147702.1595331758&tid=UA-258511-16&_gid=1508115909.1595331758&gtm=2wg783MFXWLS3&cg1=Ana%20Sayfa&cg5=Ana%20Sayfa&cd1=0&cd3=Ana%20Sayfa&cd6=Ana%20Sayfa&cd18=non-AdBlocker&cm2=1&z=1130909736
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jul 2020 01:12:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1074625
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-258511-16&cid=1445147702.1595331758&jid=1074135833&gjid=943552606&_gid=1508115909.1595331758&_u=YCDAgEABAAQC~&z=297497043
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-258511-16&cid=1445147702.1595331758&jid=1074135833&_v=j83&z=297497043
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-258511-16&cid=1445147702.1595331758&jid=1074135833&_v=j83&z=297497043&slf_rd=1&random=644532387
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-258511-16&cid=1445147702.1595331758&jid=1074135833&_v=j83&z=297497043&slf_rd=1&random=644532387
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:38 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-258511-16&cid=1445147702.1595331758&jid=1074135833&_v=j83&z=297497043&slf_rd=1&random=644532387
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2F176.9.92.137%2F&domain=176.9.92.137&cw=1&pbt=1
  • https://mug.criteo.com/sid?cpp=1fMf13xUQ3h0NnFxUGFjVEJCSURnbTdhMldPRnFUTWtRZ3poV2pITDNvTysxTDhRNU42MnAzRFYrTTVXOEMzODZwd2xiY3hLb1ZVYXlWZ3A4eVMzOHQ2MEplTStvSElDVldHMncwckR1Vk9KbmQ5VVc2ZTdPOEVZZThPOH...
377 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1fMf13xUQ3h0NnFxUGFjVEJCSURnbTdhMldPRnFUTWtRZ3poV2pITDNvTysxTDhRNU42MnAzRFYrTTVXOEMzODZwd2xiY3hLb1ZVYXlWZ3A4eVMzOHQ2MEplTStvSElDVldHMncwckR1Vk9KbmQ5VVc2ZTdPOEVZZThPOHZHQStkMjZGeE94ck1lRU5veE44R2hjNi9rbS8zVzNmamtvY2EzUjdiZlZ0SHBQSjlJeXZUeEtoLytrdGhKaW5mMndYNWlZZEQ5S1cwVEEyd1FubFN0L1RWb3JqYUYzV3BkNWdIQnZhUWRHV2g2NEpKcjNLSVFjSUUyTitNRDdnWkNiUy9MejVxfA&cppv=2
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e5eae699776a7762ace7fc826793538e827c207c5d1d707f4d7668429c42d8b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 21 Jul 2020 11:42:37 GMT
status
200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1124
content-length
377
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
status
302
date
Tue, 21 Jul 2020 11:42:37 GMT
location
https://mug.criteo.com/sid?cpp=1fMf13xUQ3h0NnFxUGFjVEJCSURnbTdhMldPRnFUTWtRZ3poV2pITDNvTysxTDhRNU42MnAzRFYrTTVXOEMzODZwd2xiY3hLb1ZVYXlWZ3A4eVMzOHQ2MEplTStvSElDVldHMncwckR1Vk9KbmQ5VVc2ZTdPOEVZZThPOHZHQStkMjZGeE94ck1lRU5veE44R2hjNi9rbS8zVzNmamtvY2EzUjdiZlZ0SHBQSjlJeXZUeEtoLytrdGhKaW5mMndYNWlZZEQ5S1cwVEEyd1FubFN0L1RWb3JqYUYzV3BkNWdIQnZhUWRHV2g2NEpKcjNLSVFjSUUyTitNRDdnWkNiUy9MejVxfA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
943
content-length
509
expires
0
pubads_impl_2020071601.js
securepubads.g.doubleclick.net/gpt/ 		253 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a92639b8eb1f5bfc907f31827f7d16fe1291aaa13cfea4daa251375d3c2804a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Jul 2020 18:22:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91596
x-xss-protection
0
expires
Tue, 21 Jul 2020 11:42:38 GMT
Cookie set 5e25888d6f82ad050a0138d8
ng2.virgul.com/ic/ Frame B8C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ng2.virgul.com/ic/5e25888d6f82ad050a0138d8?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153183@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash

Request headers

Host
ng2.virgul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://176.9.92.137/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; ng_nefisyemektarifleri_site_geneli=1; sc_nefisyemektarifleri=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

Server
openresty/1.9.7.3
Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
323
Connection
keep-alive
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Set-Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; Expires=Tue, 31 Dec 2199 23:59:59 GMT; Domain=.virgul.com; Path=/; Secure; SameSite=None
Expires
Tue, 16 Apr 2013 10:49:40 GMT
Cookie set 5e2588ac6f82ad050a013a2c
ng2.virgul.com/ic/ Frame 8C57 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ng2.virgul.com/ic/5e2588ac6f82ad050a013a2c?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153188@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash

Request headers

Host
ng2.virgul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://176.9.92.137/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; ng_nefisyemektarifleri_site_geneli=1; sc_nefisyemektarifleri=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

Server
openresty/1.9.7.3
Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
324
Connection
keep-alive
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Set-Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; Expires=Tue, 31 Dec 2199 23:59:59 GMT; Domain=.virgul.com; Path=/; Secure; SameSite=None
Expires
Tue, 16 Apr 2013 10:49:40 GMT
Cookie set 5e2588a66f82ad050a0139ec
ng2.virgul.com/ic/ Frame 6312 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ng2.virgul.com/ic/5e2588a66f82ad050a0139ec?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153191@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash

Request headers

Host
ng2.virgul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://176.9.92.137/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; ng_nefisyemektarifleri_site_geneli=1; sc_nefisyemektarifleri=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

Server
openresty/1.9.7.3
Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
323
Connection
keep-alive
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Set-Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; Expires=Tue, 31 Dec 2199 23:59:59 GMT; Domain=.virgul.com; Path=/; Secure; SameSite=None
Expires
Tue, 16 Apr 2013 10:49:40 GMT
Cookie set 5e2588ae6f82ad050a013a52
ng2.virgul.com/ic/ Frame CFC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ng2.virgul.com/ic/5e2588ae6f82ad050a013a52?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153187@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash

Request headers

Host
ng2.virgul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://176.9.92.137/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; ng_nefisyemektarifleri_site_geneli=1; sc_nefisyemektarifleri=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

Server
openresty/1.9.7.3
Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
324
Connection
keep-alive
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Set-Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; Expires=Tue, 31 Dec 2199 23:59:59 GMT; Domain=.virgul.com; Path=/; Secure; SameSite=None
Expires
Tue, 16 Apr 2013 10:49:40 GMT
Cookie set 5e2588ae6f82ad050a013a58
ng2.virgul.com/ic/ Frame 72D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ng2.virgul.com/ic/5e2588ae6f82ad050a013a58?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153184@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash

Request headers

Host
ng2.virgul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://176.9.92.137/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; ng_nefisyemektarifleri_site_geneli=1; sc_nefisyemektarifleri=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

Server
openresty/1.9.7.3
Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
323
Connection
keep-alive
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Set-Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; Expires=Tue, 31 Dec 2199 23:59:59 GMT; Domain=.virgul.com; Path=/; Secure; SameSite=None
Expires
Tue, 16 Apr 2013 10:49:40 GMT
Cookie set 5e2588ae6f82ad050a013a56
ng2.virgul.com/ic/ Frame 5870 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ng2.virgul.com/ic/5e2588ae6f82ad050a013a56?scm=https&g=1&t=cpc_annotation&sdr=5000&tp=&r=153185@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&os=&mt=1595331757864&userId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash

Request headers

Host
ng2.virgul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://176.9.92.137/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; ng_nefisyemektarifleri_site_geneli=1; sc_nefisyemektarifleri=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

Server
openresty/1.9.7.3
Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
323
Connection
keep-alive
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Set-Cookie
pId=vnetce904a4a-b829-43fd-8f50-e15d9cab183d; Expires=Tue, 31 Dec 2199 23:59:59 GMT; Domain=.virgul.com; Path=/; Secure; SameSite=None
Expires
Tue, 16 Apr 2013 10:49:40 GMT
tag.js
js.agkn.com/prod/v0/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.agkn.com/prod/v0/tag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Server
2600:9000:214f:7000:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:53:03 GMT
Via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Last-Modified
Tue, 22 Oct 2019 20:22:52 GMT
Server
AmazonS3
Age
35375
ETag
"f53f55cbab099be3a970b446a66c496a"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Content-Length
3167
X-Amz-Cf-Id
ok5-DXpY-VmMKlYw2DsPbFc4Xtn65pmhlqyYmRi0FX9FopWIUo--SA==
localstore.js
script.4dex.io/ 		450 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:38 GMT
content-encoding
br
cf-cache-status
HIT
age
92
status
200
x-amz-request-id
ACFF88AD41A2F183
x-amz-id-2
IQA2Bt6d7xgVchGrbOumB9Njp/qWufzP04E5aI4IPS1JC9DoybcJw4WvdJRtrJ14ZL1Ve9ua85Q=
last-modified
Wed, 24 Jun 2020 14:54:57 GMT
server
cloudflare
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-request-id
0412c7e14d00003250ab9cf200000001
cf-ray
5b64a8e21f883250-FRA
nefisyemektarifleri.js
static.virgul.com/theme/mockups/sites/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/nefisyemektarifleri.js?dts=443147
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
283f7c75c46539e1f4ce67e992e870ed9ea49222022cf7d5598770c8f97718d1

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jul 2020 17:10:07 GMT
Server
openresty/1.9.7.3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 28 Jul 2020 11:42:38 GMT
Cookie set /
d.agkn.com/iframe/8613/ Frame D8C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://d.agkn.com/iframe/8613/?che=733207952&gdpr=&gdpr_consent=&ref=&bpid=noktacommedya&c=%7B%22bpid%22%3A%22noktacommedya%22%2C%22loc%22%3A%22http%3A%2F%2F176.9.92.137%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22nefisyemektarifleri%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22site_geneli%22%2C%22brd%22%3A%22-1%22%7D
Requested by
Host: js.agkn.com
URL: http://js.agkn.com/prod/v0/tag.js
Protocol
HTTP/1.1
Server
2600:9000:214f:9c00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
d.agkn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://176.9.92.137/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

Content-Type
text/html;charset=UTF-8
Content-Length
479
Connection
keep-alive
Cache-Control
no-cache, must-revalidate
Date
Tue, 21 Jul 2020 11:42:38 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Server
Apache-Coyote/1.1
Set-Cookie
ab=0001%3Aco1X1JICmuDYhsgIqHXx9N8oatgLYrWP;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAmqZEuJqmRLgAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
X-Cache
Miss from cloudfront
Via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
z_qeAfsNfB1aCftUipLNLG1oftInJ6Oq62AtwMGt-9KVDP--i0m0Yw==
cdb
bidder.criteo.com/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=92&profileId=184&cb=55433138532
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

status
204
date
Tue, 21 Jul 2020 11:42:38 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://176.9.92.137
timing-allow-origin
*
vary
Origin
bid
ap.lijit.com/rtb/ 		24 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.25.0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
3fa32e5b32dedd8b59975f984b83cafd22e4defe1d9c4c36f85444e3afaeb4d3

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
44
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.146.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3eef9b77571d73d6c2b1d3306a5f3a38a4cfea802b7585f2d60106303751826d

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:38 GMT
content-encoding
gzip
status
200
content-type
application/json
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=317916&zone_id=1679676&size_id=15&alt_size_ids=2%2C1%2C13%2C55%2C57&rf=http%3A%2F%2F176.9.92.137%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=056ff9b8-b4ed-4153-9334-968ea354aeeb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8558961026803751
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2a99c422ec7298e807fe4c96e313a916a0da2da57a1f53bb314c02f42724b111

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Jul 2020 11:42:38 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://176.9.92.137
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1459
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=317916&zone_id=1679912&size_id=15&alt_size_ids=9%2C8%2C10%2C14&rf=http%3A%2F%2F176.9.92.137%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=4dfcc01b-9432-4c91-966c-14d050926238&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.892347232066532
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b827e99524fde9405eb682910df1a3a66a261f55989907c2444de1a6ddebe1fb

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Jul 2020 11:42:38 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://176.9.92.137
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=317916&zone_id=1679890&size_id=15&alt_size_ids=9%2C8%2C10%2C14&rf=http%3A%2F%2F176.9.92.137%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=6f75dd00-ff19-422c-b578-3aeffe4ac31f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9104380414332216
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b049ed41d9e6f934d259a8d26d1e5f988625aeec6101d4151a73efbd2732cd91

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Jul 2020 11:42:38 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://176.9.92.137
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 21 Jul 2020 11:42:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://176.9.92.137
adagio.js
script.4dex.io/ 		63 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
272f0b94a4cc8f18c95a3b9519ff5e850ddb2b1c6c6cc27df4cc306a4886ae88

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:38 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
2
status
200
x-amz-request-id
87C2761FD1AF3935
x-amz-id-2
KVk0U0k8KVbep5IbGZKirQ8TKMzOkVil5mJJL2o3N6VaGb1vNHTUxRT3+JtZo1Fzp08tGxQ9XXI=
last-modified
Wed, 24 Jun 2020 14:54:55 GMT
server
cloudflare
etag
W/"e271d40dcaf476981753ddafc272f0ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-request-id
0412c7e1ac0000060903345200000001
cf-ray
5b64a8e2ad5c0609-FRA
firstevent
samsungturkey.demdex.net/
Redirect Chain
  • https://samsungturkey.demdex.net/event?c_source=desktop&c_url=http%3A%2F%2F176.9.92.137%2F&c_site=nefisyemektarifleri&c_title=Nefis%20Yemek%20Tarifleri%20-%20Kolay%20ve%20Pratik%20Yemek%20Tarifleri...
  • https://samsungturkey.demdex.net/firstevent?c_source=desktop&c_url=http%3A%2F%2F176.9.92.137%2F&c_site=nefisyemektarifleri&c_title=Nefis%20Yemek%20Tarifleri%20-%20Kolay%20ve%20Pratik%20Yemek%20Tari...
42 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://samsungturkey.demdex.net/firstevent?c_source=desktop&c_url=http%3A%2F%2F176.9.92.137%2F&c_site=nefisyemektarifleri&c_title=Nefis%20Yemek%20Tarifleri%20-%20Kolay%20ve%20Pratik%20Yemek%20Tarifleri&c_category=kategori&c_subcategory=&c_day=tuesday&c_time=lunch
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.174.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v075-011ea5b64.edge-irl1.demdex.com 5.74.0.20200706134429 5ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
2Eq2+njIQNM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4CVcMUiqTBg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://samsungturkey.demdex.net/firstevent?c_source=desktop&c_url=http%3A%2F%2F176.9.92.137%2F&c_site=nefisyemektarifleri&c_title=Nefis%20Yemek%20Tarifleri%20-%20Kolay%20ve%20Pratik%20Yemek%20Tarifleri&c_category=kategori&c_subcategory=&c_day=tuesday&c_time=lunch
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ulser-diyeti-listesi-saglikli-beslenme-ipuclari-4-120x80.jpg
i.nefisyemektarifleri.com/2020/07/17/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/17/ulser-diyeti-listesi-saglikli-beslenme-ipuclari-4-120x80.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22279ec44983aa3c90c39b383d8cf4a1ae51c3f972876c31d7f7b07acf486c27

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:38 GMT
via
1.1 varnish
cf-cache-status
HIT
age
337259
cf-polished
origSize=2929, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2868
cf-request-id
0412c7e1d3000016e67681b200000001
x-bnc
photon
last-modified
Fri, 17 Jul 2020 13:59:32 GMT
server
cloudflare
photon
local
etag
"16480201f11eebc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8e2ee5016e6-FRA
cf-bgj
imgq:100,h2pri
yulaf-samaninin-az-bilinen-7-faydasi-120x80.jpg
i.nefisyemektarifleri.com/2020/07/17/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/17/yulaf-samaninin-az-bilinen-7-faydasi-120x80.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee3e991a3e333cac4fe2d267f84da1e49b010a148bb60f59d0612b71132259d9

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:38 GMT
via
1.1 varnish
cf-cache-status
HIT
age
343975
cf-polished
origSize=2960, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2899
cf-request-id
0412c7e1d4000016e67681c200000001
x-bnc
photonkunefe
last-modified
Fri, 17 Jul 2020 11:59:31 GMT
server
cloudflare
photon
remote
etag
"f7dcc5ea53e93ba2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8e2ee5516e6-FRA
cf-bgj
imgq:100,h2pri
kilo-alamiyorum-diyenlere-en-hizli-15-kesin-cozum-5-120x80.jpg
i.nefisyemektarifleri.com/2020/07/17/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/17/kilo-alamiyorum-diyenlere-en-hizli-15-kesin-cozum-5-120x80.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a1ccc2209fae7059733697388929db1a280a479dd6c5bf58914c3cdb8f3959

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:38 GMT
via
1.1 varnish
cf-cache-status
HIT
age
351707
cf-polished
origSize=4984, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4923
cf-request-id
0412c7e1d4000016e67681d200000001
x-bnc
photon
last-modified
Fri, 17 Jul 2020 09:59:25 GMT
server
cloudflare
photon
local
etag
"34150842b5ac4bf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8e2ee5816e6-FRA
cf-bgj
imgq:100,h2pri
hodan-yagi-cilde-iyi-gelen-5-faydasi-120x80.jpg
i.nefisyemektarifleri.com/2020/07/16/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nefisyemektarifleri.com/2020/07/16/hodan-yagi-cilde-iyi-gelen-5-faydasi-120x80.jpg
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17329bf74aaad9e7c6fcf6aa52a684d35c0bd64a5b7721da6a55087b62475da2

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:38 GMT
via
1.1 varnish
cf-cache-status
HIT
age
430985
cf-polished
origSize=2287, status=webp_bigger
x-cache
X-HIT
status
200
x-optim-disabled
true
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2226
cf-request-id
0412c7e1d4000016e67681e200000001
x-bnc
photon
last-modified
Thu, 16 Jul 2020 11:59:28 GMT
server
cloudflare
photon
local
etag
"575c6b16fcb37075"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=97890000
x-r
0
accept-ranges
bytes
cf-ray
5b64a8e2ee5916e6-FRA
cf-bgj
imgq:100,h2pri
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1786267436779091&correlator=1029426900959622&output=ldjh&impl=fif&adsid=NT&eid=21065517%2C21065725&vrg=2020071601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200721&iu_parts=21728129623%2Cweb_nyt_anasayfa_icerik_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C160x160%7C300x100&fluid=height&eri=1&cust_params=category%3Dsite_geneli%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1595331757864%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26url%3D%252Fhttp%253A%252F%252F176.9.92.137%252F%26targetCtr%3D0%26targetCr%3D0%26Mobile%3Dfalse%26webmAd%3D1%26overlay%3D1%26datasave%3D0&cookie_enabled=1&bc=23&abxe=1&lmt=1595230862&dt=1595331758954&dlt=1595331756923&idt=1499&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3650327829&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F176.9.92.137%2F&dssz=47&icsg=4398594424832&mso=2048&std=0&vis=1&scr_x=0&scr_y=0&psz=294x-1&msz=294x-1&ga_vid=1445147702.1595331758&ga_sid=1595331759&ga_hid=781304305&fws=132&ohw=314
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3482e4cf3b58ee296d51a04a522050936080c5b1e2ae7516b6199ae68297ece7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2635
x-xss-protection
0
google-lineitem-id
4942593729
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138258797963
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5108c0169a02a2d0abaed8431efbdce9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://5108c0169a02a2d0abaed8431efbdce9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1786267436779091&correlator=4429102531864134&output=ldjh&impl=fif&adsid=NT&eid=21065517%2C21065725&vrg=2020071601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200721&iu_parts=21728129623%2Cweb_nyt_sidebar_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C160x600%7C120x600&fluid=height&eri=1&cust_params=category%3Dsite_geneli%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1595331757864%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26url%3D%252Fhttp%253A%252F%252F176.9.92.137%252F%26targetCtr%3D0%26targetCr%3D0%26Mobile%3Dfalse%26webmAd%3D1%26overlay%3D1%26datasave%3D0&cookie_enabled=1&bc=23&abxe=1&lmt=1595230862&dt=1595331758988&dlt=1595331756923&idt=1499&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1938460470&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F176.9.92.137%2F&dssz=47&icsg=4398594424832&mso=2048&std=0&vis=1&scr_x=0&scr_y=0&psz=322x0&msz=322x600&ga_vid=1445147702.1595331758&ga_sid=1595331759&ga_hid=781304305&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14b45225007de174dfacdaa3345b4b7e444c01d8a0704d314e4968d0b99c90d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5262
x-xss-protection
0
google-lineitem-id
5425140233
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138317317632
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://176.9.92.137
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		465 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1786267436779091&correlator=373363026415985&output=ldjh&impl=fif&adsid=NT&eid=21065517%2C21065725&vrg=2020071601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200721&iu_parts=21728129623%2Cweb_nyt_yeni_tarifler_son_eklenen_videolar_arasi_468x60&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C468x60%7C615x60%7C320x50%7C300x50%7C120x60%7C216x54%7C600x200&fluid=height&eri=1&cust_params=category%3Dsite_geneli%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1595331757864%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26url%3D%252Fhttp%253A%252F%252F176.9.92.137%252F%26targetCtr%3D0%26targetCr%3D0%26Mobile%3Dfalse%26webmAd%3D1%26overlay%3D1%26datasave%3D0&cookie_enabled=1&bc=23&abxe=1&lmt=1595230862&dt=1595331759026&dlt=1595331756923&idt=1499&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=4294517102&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F176.9.92.137%2F&dssz=47&icsg=4398594424832&mso=2048&std=0&vis=1&scr_x=0&scr_y=0&psz=630x0&msz=970x60&ga_vid=1445147702.1595331758&ga_sid=1595331759&ga_hid=781304305&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a1764084b3db3393a9f7b5a4b66ece9030e1db623f93114e3f44484a79b99c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
262
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1786267436779091&correlator=1949656112509100&output=ldjh&impl=fif&adsid=NT&eid=21065517%2C21065725&vrg=2020071601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200721&iu_parts=21728129623%2Cweb_nyt_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240&fluid=height&eri=1&cust_params=category%3Dsite_geneli%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1595331757864%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26url%3D%252Fhttp%253A%252F%252F176.9.92.137%252F%26targetCtr%3D0%26targetCr%3D0%26Mobile%3Dfalse%26webmAd%3D1%26overlay%3D1%26datasave%3D0&cookie_enabled=1&bc=23&abxe=1&lmt=1595230862&dt=1595331759033&dlt=1595331756923&idt=1499&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3212345396&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F176.9.92.137%2F&dssz=47&icsg=4398594424832&mso=2048&std=0&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1445147702.1595331758&ga_sid=1595331759&ga_hid=781304305&fws=640&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a982f0acb3a93c0b3044df5d1f5d1d70d48b6fc212b3f9d3136958f517ee4266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2601
x-xss-protection
0
google-lineitem-id
4942600503
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138259004053
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1786267436779091&correlator=3892158232432385&output=ldjh&impl=fif&adsid=NT&eid=21065517%2C21065725&vrg=2020071601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200721&iu_parts=21728129623%2Cweb_nyt_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x250%7C728x90%7C728x50%7C600x200&prev_scp=hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.19%26hb_adid%3D1899e8ad3568b45%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.19%26hb_adid_rubicon%3D1899e8ad3568b45%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D0.19&eri=1&cust_params=category%3Dsite_geneli%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1595331757864%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26url%3D%252Fhttp%253A%252F%252F176.9.92.137%252F%26targetCtr%3D0%26targetCr%3D0%26Mobile%3Dfalse%26webmAd%3D1%26overlay%3D1%26datasave%3D0&cookie_enabled=1&bc=23&abxe=1&lmt=1595230862&dt=1595331759064&dlt=1595331756923&idt=1499&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=888613117&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F176.9.92.137%2F&dssz=47&icsg=4398594424832&mso=2048&std=0&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x270&ga_vid=1445147702.1595331758&ga_sid=1595331759&ga_hid=781304305&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e31c5832975e667d176e1834b851a4e473463717dba0f01a56bc9bade5db54df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2455
x-xss-protection
0
google-lineitem-id
5286071689
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138301715301
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1786267436779091&correlator=4241360875903649&output=ldjh&impl=fif&adsid=NT&eid=21065517%2C21065725&vrg=2020071601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200721&iu_parts=21728129623%2Cweb_nyt_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240&fluid=height&eri=1&cust_params=category%3Dsite_geneli%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1595331757864%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26url%3D%252Fhttp%253A%252F%252F176.9.92.137%252F%26targetCtr%3D0%26targetCr%3D0%26Mobile%3Dfalse%26webmAd%3D1%26overlay%3D1%26datasave%3D0&cookie_enabled=1&bc=23&abxe=1&lmt=1595230862&dt=1595331759080&dlt=1595331756923&idt=1499&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3244870483&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F176.9.92.137%2F&dssz=47&icsg=4398594424832&mso=2048&std=0&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1445147702.1595331758&ga_sid=1595331759&ga_hid=781304305&fws=640&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b190353d4e4c82b22033d9f512f789ca73092e756ba4ab8ad744d68e84ffc46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2607
x-xss-protection
0
google-lineitem-id
4942600503
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138259004053
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7535 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://176.9.92.137/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Tue, 21 Jul 2020 11:03:57 GMT
expires
Wed, 21 Jul 2021 11:03:57 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2322
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9647158f17a3e482e4a64041911cf731dd19fac2630f5bd5c0338d12e7462d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1595244815033837"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27216
x-xss-protection
0
expires
Tue, 21 Jul 2020 11:42:39 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012007102309000/ Frame 8A0E 		206 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d719a7b7ef17ad476a644a196c6130ed955f5ab06f7bac34632f44d4772bfe5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
3251
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57400
x-xss-protection
0
server
sffe
date
Tue, 21 Jul 2020 10:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"83969d63ffc70a02"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jul 2021 10:48:28 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012007102309000/v0/ Frame 8A0E 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007102309000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de2181a33594f9109e9e48ecf4d5431585340ad5d9a3ba7ab57939f5afe90d32
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
2802
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29729
x-xss-protection
0
server
sffe
date
Tue, 21 Jul 2020 10:55:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b208119f1c2c4cc7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jul 2021 10:55:57 GMT
truncated
/ Frame 8A0E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cbaa837767f90684082c8646e641a9a025a3b895fa392b51934a704acbb66db

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
15135225676971641896
tpc.googlesyndication.com/simgad/ Frame 8A0E 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15135225676971641896
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ddce3a802a242aa950f7c8fc170566498c8f72d666c29e93e25caaeab7be14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 17 Jul 2020 12:05:51 GMT
x-content-type-options
nosniff
age
344208
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61760
x-xss-protection
0
last-modified
Fri, 17 Jul 2020 11:57:03 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jul 2021 12:05:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8A0E 		0
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssek5hDDfceULE8QOB3EmqzA8DogfD-cPS2wr6pHIceWlgmzyFuK-zlJHX9OhNjI6P_E6rF12FiS1tPjWVjAiUNUw5G6i1_6XoY6k-9GRFSvwTjMiePRIbw5Dqc1xj2G9lCGUXololhssgxVA3eHQtGesKDsokxnpyLC0chFjk24nh43cC4kMkWgYHF3LB6RpPFjtwAcFmyLvSz_J5hS2NDku9jpWNKBDlH6CtXb4aw-S6ma9e4_c52K6TzLHOY0IBzZnvJettk4oCBaro1XsUALo3hyeK_L_OqFL2L&sai=AMfl-YSjbdAQnul4wdV9-kCUkdmJ_yOSFIQUJszS-4xANOCS8aO2GiFKFpMZKtiHQpP5D3FC3-a9qhKYbU6zZ8QBDHK4XP7T3PauvpzbnTtxRUHiTn-Huc4d3G-Dumb8CtmI&sig=Cg0ArKJSzJj9M9Q3yTUdEAE&adurl=
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Jul 2020 11:42:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 21 Jul 2020 11:42:39 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C9BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://176.9.92.137/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Tue, 21 Jul 2020 11:03:57 GMT
expires
Wed, 21 Jul 2021 11:03:57 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2322
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame AC40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZvyBR_MjHqylCE5Uf1HH_LtGE4aIynRJdZ2JqFhwWv_Py8ids-mGH3IAv-rEASV1SMliLcZsJHWmhV1YwzJswIkRvs1Cdm1zXVrWE8MgMm46qHSDuyPNwWfdp14DlVRHW6kekyrOm2p5MOk7213TfQdzoYlOo8ivGm-0m-OLk_iGHC7OBOCK-vaHm9IhnPVav5EfXY8a1lfUJS89T-fN-6wUCsxV3QGoHVILnR4ssXjd_AJQMVLraFCKC_v_0YK8e0ENaYiwj4Gg&sai=AMfl-YSBjVmTHikNEnYI0vlN9iHtcip9b3goczQiizUWBKEO4vd_kuzvth9OorYrRLmGc1TkYT5dxv3ZaALKFxVqVqKBJCZjlmJxqxgJ8adgYQ&sig=Cg0ArKJSzNtrc2sX7j89EAE&urlfix=1&adurl=
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Jul 2020 11:42:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 21 Jul 2020 11:42:39 GMT
/
track.adform.net/adfscript/ Frame AC40 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=37071191;rtbwp=7C80B05F78AC1AA0;rtbdata=Anqjj2BazSN8rUhd3LTVNV0sWdyCBB5ewJizBbTtnCLBHEjRJZQSSbrMZoyhImrtOSdrykVRA-_PriehbPoGy7culqmsd9xWWkmAZQbia6AwxdqB9EPCNfZCi5GD3YWzylmy_USDajZBOi1QZ3PfwpHcYHfidYYY3MmUyzKdGpBatUv8XmC_ZcAHCgunmjigpoL6pZRaLPEHguav5NGT62sRFU61vd67I5WxZzDQfg6riYlAKSyhS775Oz-Jutmv0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/431a6dd2-c2cb-44fd-9f8d-67f3a0368cab/
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
108427078f07752635b4f5954f2b42ad60737031c9da67c42cccd9b293ec628a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
9797
expires
-1
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame AC40 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86805f44e219c56d9347426133aae1bdde36713969e4a3e13437993db92872c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1595244815033837"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28380
x-xss-protection
0
expires
Tue, 21 Jul 2020 11:42:39 GMT
431a6dd2-c2cb-44fd-9f8d-67f3a0368cab
beacon-eu-ams3.rubiconproject.com/beacon/d/ Frame AC40 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu-ams3.rubiconproject.com/beacon/d/431a6dd2-c2cb-44fd-9f8d-67f3a0368cab?oo=0&accountId=13760&siteId=317916&zoneId=1679676&sizeId=2&e=6A1E40E384DA563B1D20EA78424382B8A59563515D970D02DC2D62F99B39E43B9019C62116A0ACD0C4F46C54ACECC427954C2C6DA26453284720B0637393E00D2F4B8E69E9E3507A056D13E1897680C50C7FDFE56FF90D66A0F9D5DC281E068B61DD1396F772C0EF75AF1277563713195444AF581F0015A770453A0FF81FFB34199362B438DBD45C24C2CEC90EE38BAA04FCE2A38EDC966517484A0970FD32C227AEA01E2AB469AF08C004759439AA723096421E9D82789EE9DD0B2EFF2D298C40D6CF5B4BF9795B70A7B67C3DEC07A6
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.67 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Jul 2020 11:42:38 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/webp
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8B56 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://176.9.92.137/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Tue, 21 Jul 2020 11:03:57 GMT
expires
Wed, 21 Jul 2021 11:03:57 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2322
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame AC40 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=37071191;rtbwp=7C80B05F78AC1AA0;rtbdata=Anqjj2BazSN8rUhd3LTVNV0sWdyCBB5ewJizBbTtnCLBHEjRJZQSSbrMZoyhImrtOSdrykVRA-_PriehbPoGy7culqmsd9xWWkmAZQbia6AwxdqB9EPCNfZCi5GD3YWzylmy_USDajZBOi1QZ3PfwpHcYHfidYYY3MmUyzKdGpBatUv8XmC_ZcAHCgunmjigpoL6pZRaLPEHguav5NGT62sRFU61vd67I5WxZzDQfg6riYlAKSyhS775Oz-Jutmv0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/431a6dd2-c2cb-44fd-9f8d-67f3a0368cab/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bf6f96985d9f9ab3332721601ff06191bfb8630e60fcf414cdde0cdf4e5eb811

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 14:30:32 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 22 Jul 2020 14:46:53 GMT
15135225676971641896
tpc.googlesyndication.com/simgad/ Frame 8A0E 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15135225676971641896
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ddce3a802a242aa950f7c8fc170566498c8f72d666c29e93e25caaeab7be14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 17 Jul 2020 12:05:51 GMT
x-content-type-options
nosniff
age
344208
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61760
x-xss-protection
0
last-modified
Fri, 17 Jul 2020 11:57:03 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jul 2021 12:05:51 GMT
adview
ng2.virgul.com/ 		120 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ng2.virgul.com/adview?a=55f019d0e4b032db9d4c3c0a&st=1&r=2216
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:39 GMT
Content-Encoding
gzip
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
115
Expires
Tue, 16 Apr 2013 10:49:40 GMT
/
track.adform.net/wpf/v2/Fla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRP... Frame AC40 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/wpf/v2/Fla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kkveara3g9Rk4xf7_OLgiPFMtrs1OeyjaY1LJ5UQEgenIAUMnGWpwoNSUC56MnGWVQdgFCoq1av5HZgdioeJrAR0odm_dhrxbuJjkWxv5iJ3A0KAGYi4Y.0Y.KI3dmXb9WK2iwfw9buTrjNpp0iJ3A0KFgBFY5BNlrAp5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF8KSKXV4.hL9.LxU..9Jx/adfserve/?CC=1&bn=37071191;rtbwp=7C80B05F78AC1AA0;rtbdata=Anqjj2BazSN8rUhd3LTVNV0sWdyCBB5ewJizBbTtnCLBHEjRJZQSSbrMZoyhImrtOSdrykVRA-_PriehbPoGy7culqmsd9xWWkmAZQbia6AwxdqB9EPCNfZCi5GD3YWzylmy_USDajZBOi1QZ3PfwpHcYHfidYYY3MmUyzKdGpBatUv8XmC_ZcAHCgunmjigpoL6pZRaLPEHguav5NGT62sRFU61vd67I5WxZzDQfg6riYlAKSyhS775Oz-Jutmv0;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f431a6dd2-c2cb-44fd-9f8d-67f3a0368cab%2f;js=1;adfxid=1x;8767;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=http%3A%2F%2F176.9.92.137%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0967326db6565438e24f8882af8c9a1b40e1bf52c6722a15a4a8b3abfacd7c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:39 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2602
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame 8A0E 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF2IlW3NSrcbnjw6_0vhW2c4aM1amtZsgXfITSryG1lZWSMNiYQaVB6E0UZkiX73l20qHeAto4ouSWnxODFp4ZHkyu2C1L3hcFR3TkCyRigoAlaR3UCphatNjsb30pFX3GSJS6fYj5m6rqWJpFeaPYICqFyYa3hQAaG1J0pYcONiWqyvQXZ70BwxtZ1iFCISVwpcsCmkm4JXp_bNsF0FH0aWpgSrl-t66yMebRK_S6X5Ph5W82goEHBTGKJXxJXoSft3WpPCshORipfwlAv6_k&sai=AMfl-YQoxmM5VCNrzPxzV87DoBieB_2WymRktnLISSOa3i3M1HDsylgZHknHs3YQhMIC03ID_U5r5d9iRFmTylHdy52Ug6-0bwgfrCOd63zmFKWRIF1m3OygXcTQzoU5dtV4&sig=Cg0ArKJSzI2SUfONx6QXEAE&adurl=
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Jul 2020 11:42:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
B21830396.231455012;dc_pre=CLiYgPeh3uoCFcmAgwcd9G0IOQ;dc_trk_aid=429325705;dc_trk_cid=124426746;pb=value;ord=62381;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/ Frame AC40
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_trk_aid=429325705;dc_trk_cid=124426746;pb=value;ord=62381;dc_lat=;dc_rdid=;tag_for_child_directed_trea...
  • https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_pre=CLiYgPeh3uoCFcmAgwcd9G0IOQ;dc_trk_aid=429325705;dc_trk_cid=124426746;pb=value;ord=62381;dc_lat=;dc...
42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_pre=CLiYgPeh3uoCFcmAgwcd9G0IOQ;dc_trk_aid=429325705;dc_trk_cid=124426746;pb=value;ord=62381;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_pre=CLiYgPeh3uoCFcmAgwcd9G0IOQ;dc_trk_aid=429325705;dc_trk_cid=124426746;pb=value;ord=62381;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 6307 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=pl
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://176.9.92.137/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Fri, 29 May 2020 23:03:21 GMT
Content-Encoding
gzip
Content-Length
9233
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=83988
Expires
Wed, 22 Jul 2020 11:02:28 GMT
Date
Tue, 21 Jul 2020 11:42:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame AC40 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a907b8daed5306599f0e2de0a6e60255b0eeafc2437985c214714548dc2d0b8

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
rid
match.adsrvr.org/track/ 		0
0
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.190/e/.wSBgiD/i/vCAv.IAAAAFAAA/r:AdConstructor:contents/ImageTag:types/ Frame AC40 		85 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.190/e/.wSBgiD/i/vCAv.IAAAAFAAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
689df56042ee0762a9fd4aec128f6e6f97740678ba21d06b7bc523ae89aed018

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:40 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 14:30:32 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 22 Jul 2020 15:05:55 GMT
/
track.adform.net/csimpr/ Frame AC40 		35 B
457 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=37071191&csi=4jIKt9IbLpilLdrQtF1L9TxmDUhYUO-z_KNDl8hEUNw7QBUW9FNNcfvRiDt8eAf4CyzzGaTuIHviR3xC_s34CurHU619YUFbg67zctjt7CrgMgIwS67Djg2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:40 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
39189006.jpg
s1.adform.net/Banners/39189006/ Frame AC40 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/39189006/39189006.jpg?bv=3
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d80363ccb12fc49592cdc1ae7c5cc0fccceda20737119bd1e8878c192edc1c8d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:40 GMT
last-modified
Thu, 09 Jul 2020 14:43:42 GMT
server
nginx
status
200
etag
"5f072d1e-4b27"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
19239
5e25888d6f82ad050a0138d8
ng.virgul.com/tck/i_vb1/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb1/5e25888d6f82ad050a0138d8?l=&r=153183@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331760426
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:40 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a52
ng.virgul.com/tck/i_vb1/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb1/5e2588ae6f82ad050a013a52?l=&r=153187@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331760427
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:40 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a58
ng.virgul.com/tck/i_vb1/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb1/5e2588ae6f82ad050a013a58?l=&r=153184@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331760428
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:40 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a56
ng.virgul.com/tck/i_vb1/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb1/5e2588ae6f82ad050a013a56?l=&r=153185@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331760428
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:40 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AC40 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJYJYBeaQTH4agL1zcPEp-kTW74BqQRXZXPXJ3cYlM0vjUJRR1AbUlnLJcPwLn1Mnguwgmrv965DQYlTOn4HATI4PbPWGDmZcNOWPzq9cR1z4139KoNF8S2YPrUQATSAuQtmOy2_4zk1sl8bBgsJ86v0PoRnK9TEXNgkan30sQd6cykv0gtQ2foxiROzsIyzYP7bsJ6BEapZ-1RZgTOE3phYDakwS62ADiWeYYijVzyzTE3b9sDFo10FV_p9YJRw56nCRbs5YlBptPYQ&sai=AMfl-YQyc9WFBkyMkOvQA4VCFL0eFRpML2ZEr1VmubwQBo2WkYQ5csshpH0LIj2M3WOa-oXaEoyTAq-t9WuFJYn7QGTqfzJ2c-6taDQVxud9cQ&sig=Cg0ArKJSzEbLN0_p0GlKEAE&urlfix=1&adurl=
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Jul 2020 11:42:40 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=14357/rand=896071899/pv=y/ Frame 0871
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=14357/rand=896071899/pv=y/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=14357/rand=896071899/pv=y/rt=ifr
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=14357/rand=896071899/pv=y/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/14357/cc_af.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.146.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=14357/rand=896071899/pv=y/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://176.9.92.137/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

status
200
date
Tue, 21 Jul 2020 11:42:40 GMT
content-type
text/html;charset=UTF-8
content-length
677
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.29.202
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 17-Apr-2021 11:04:00 GMT;SameSite=None;Secure _cc_id=51114f7fbd85cbcbe802bca23a091072;Path=/;Domain=crwdcntrl.net;Expires=Sat, 17-Apr-2021 11:04:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQMDU0NDRJM09LSrEwTU5KTkq1MDBKSk40Mk40sDQ0MDdiAIJ4sSsbGOCA6%2FLzO7KMUwsY%2FjMyMpw7eogZxn7%2F2RLGvHTqERuMPe3hZxUY%2B%2FF5dRizbcNTbhj778YpLDD24cVz4OwLSGwA8HE12g%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 17-Apr-2021 11:04:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIF7uygQEGmBjYH7qBGBzbdwFJAEhABKM%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 17-Apr-2021 11:04:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

status
302
date
Tue, 21 Jul 2020 11:42:40 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=14357/rand=896071899/pv=y/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.25.54
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020071601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eaf9b9cf92359e85d9957dfa47f615eac6f350bc8cca8e7292740d42c9ea0515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Jul 2020 11:42:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5714
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Tue, 21 Jul 2020 11:42:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 4327 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://176.9.92.137/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Tue, 21 Jul 2020 11:00:59 GMT
expires
Wed, 21 Jul 2021 11:00:59 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2501
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csm
bidder.criteo.com/ 		0
141 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm?ptv=92&profileId=184
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
204
date
Tue, 21 Jul 2020 11:42:40 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://176.9.92.137
timing-allow-origin
*
vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 8A0E 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjste7c7bLR3U4dwt81HMZYHQboAsHgMS-3c-joHOzP4U0UNlPyw64pDBdt1wMqTM4ZtSSXsG7N-ZUee1GkHL_8zjsGoCNRUHMgsCtGdg3XY&sig=Cg0ArKJSzHhqKSOxwOhBEAE&id=ampim&o=974,493&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=263&tls=1263&g=100&h=100&tt=1263&r=v&avms=ampa&adk=1938460470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020071601&jk=1786267436779091&bg=!3t2l3cVY1PcL_9eRnKECAAAA1FIAAAAmCgAYb3iVr0lcDd-nOGwq_ZN_PvCf7NS9SIjbmQGCOMt1EQgg6z1OCk2cYHmUgYs3Z46713KWF69pfmGn6Cpe1d6ZA853yDZvBKcEhOV-nwR4EVHmRfeFjRGdirxtilI_PVYyi8i-TBZRF5kTVgkUSWo85ihfn4xc9pmvkmme5mJIUgVQnWtqNk7HlIkDryKQEwjGdH1n75Wj0gMuSxp03ftNAU8vc4sqO63xNT8weTKbKM5HrrduNg2MbBpSeNMycCxdUBAaSB_o-LLGcK9wphy4xghLA-IGaM6Ja3EgAlWzZZ-TJusTty_r271jvXBpj1jHj9hl_nlygOaFfdTAGWHrS3IWEx8W5NS7-k5O44gRIHSFhqYJyNJWLpqpG0FQeKt8vr5qYnJE5c_hwH4Zg_eG9tKPEfjIRlAakkJ0EfUzc9NLklHX7CMUamZK-TsP0q0okuiYekZapfqT3_HYI2hlPAkjmtDBxs_yNZ2FbQG8qXhm64Re7ZTAVorJZD3utJXrj49yd8bzMb_6KyHzWZYUpII8LJeFaecwcVafAwQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5e25888d6f82ad050a0138d8
ng.virgul.com/tck/i_vb2/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5e25888d6f82ad050a0138d8?l=&r=153183@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331761429
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:41 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a52
ng.virgul.com/tck/i_vb2/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5e2588ae6f82ad050a013a52?l=&r=153187@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331761429
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:41 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a58
ng.virgul.com/tck/i_vb2/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5e2588ae6f82ad050a013a58?l=&r=153184@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331761429
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:41 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a56
ng.virgul.com/tck/i_vb2/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5e2588ae6f82ad050a013a56?l=&r=153185@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331761429
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:41 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AC40 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-7Pu5KNmsVD0ipHE_uiXBlhqNs6GwqN6xGerXbM8XlVml32LY9845ljU-brKPXeDCCTCIa2o4aohTLLsI5lVYUCPeol33a27rBL659U4&sig=Cg0ArKJSzOzDs3K2toQuEAE&adk=888613117&tt=-1&bs=1600%2C1200&mtos=0,1022,1022,1022,1022&tos=0,1022,0,0,0&p=303,436,397,1164&mcvt=1022&rs=3&ht=0&tfs=484&tls=1506&mc=0.95&lte=0.95&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1595331759372&dlt&rpt=817&isd=0&msd=0&ext&xdi=0&ps=1600%2C4260&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-13-10-10-0-0-0&tvt=1494&is=728%2C90&iframe_loc=http%3A%2F%2F176.9.92.137%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame AC40 		35 B
466 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-5013701607940725581@@37071191,8391090727167864512,100|1116|0|0|0|0|0|0|0||38|0|31|df7f4eaab164705ab9522222a8af75a3712517d4_1|||1|0|0|KOjObXmL1PaBfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:41 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame AC40 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=37071191&event=178&time=2&baid=39189006&name=Viewable%20impressions&imprid=8391090727167864512&icid=-5013701607940725581&eData=4jIKt9IbLphNn_lv3McOqTP1t_rBznXBjCfiuQyGD_Uoj4SFDoRbILqzpS_GUF24o_ZS0_uUO1FCbfMJu6bHrw2&rtbdata=Anqjj2BazSN8rUhd3LTVNV0sWdyCBB5ewJizBbTtnCLBHEjRJZQSSbrMZoyhImrtOSdrykVRA-_PriehbPoGy7culqmsd9xWWkmAZQbia6AwxdqB9EPCNfZCi5GD3YWzylmy_USDajZBOi1QZ3PfwpHcYHfidYYY3MmUyzKdGpBatUv8XmC_ZcAHCgunmjigpoL6pZRaLPEHguav5NGT62sRFU61vd67I5WxZzDQfg6riYlAKSyhS775Oz-Jutmv0&rtbwp=7C80B05F78AC1AA0&rnd=457245783
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:41 GMT
server
nginx
status
200
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
fbevents.js
connect.facebook.net/en_US/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 176.9.92.137
URL: http://176.9.92.137/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34220
x-xss-protection
0
pragma
public
x-fb-debug
3axJ/ne2k/xLBbCMoyuCBoKa630w9MvWCHGsRHYsagsL/A5WMRPDSNx2oVysfVN3cI0vdbdx8J9wva72h5OWmA==
x-fb-trip-id
2011651281
x-frame-options
DENY
date
Tue, 21 Jul 2020 11:42:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
1877570159153553
connect.facebook.net/signals/config/ 		522 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1877570159153553?v=2.9.22&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c0d73e789db4fc72ba21c14b5f17e318f0fe46030dc70fd952f0f4324d80d0c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
134557
x-xss-protection
0
pragma
public
x-fb-debug
KF0cz96E+KZeZtiObTvYRtQfKjxKf/er/jcyns030uEeciydZ4OVvDDpX0hOXJ6czyKG7Bt5UnE/NQEuGCK7aA==
x-fb-trip-id
2011651281
x-frame-options
DENY
date
Tue, 21 Jul 2020 11:42:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 8C9D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://176.9.92.137/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Fri, 29 May 2020 23:03:21 GMT
Content-Encoding
gzip
Content-Length
9233
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=83987
Expires
Wed, 22 Jul 2020 11:02:28 GMT
Date
Tue, 21 Jul 2020 11:42:41 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2C9F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.252.114 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://176.9.92.137/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://176.9.92.137/

Response headers

Last-Modified
Tue, 14 Apr 2020 10:27:52 GMT
ETag
"13006b6-a4bb-5a33da6f1a023"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
15243
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=97651
Expires
Wed, 22 Jul 2020 14:50:13 GMT
Date
Tue, 21 Jul 2020 11:42:42 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
www.facebook.com/tr/ 		44 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1877570159153553&ev=PageView&dl=http%3A%2F%2F176.9.92.137%2F&rl=&if=false&ts=1595331761993&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&it=1595331761829&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 21 Jul 2020 11:42:41 GMT
5e25888d6f82ad050a0138d8
ng.virgul.com/tck/i_vb3/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb3/5e25888d6f82ad050a0138d8?l=&r=153183@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331762430
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:42 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a52
ng.virgul.com/tck/i_vb3/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb3/5e2588ae6f82ad050a013a52?l=&r=153187@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331762430
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:42 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a58
ng.virgul.com/tck/i_vb3/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb3/5e2588ae6f82ad050a013a58?l=&r=153184@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331762430
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:42 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a56
ng.virgul.com/tck/i_vb3/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb3/5e2588ae6f82ad050a013a56?l=&r=153185@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331762431
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:42 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
/
www.facebook.com/tr/ 		44 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1877570159153553&ev=Microdata&dl=http%3A%2F%2F176.9.92.137%2F&rl=&if=false&ts=1595331762497&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Nefis%20Yemek%20Tarifleri%20-%20Kolay%20ve%20Pratik%20Yemek%20Tarifleri%22%2C%22meta%3Adescription%22%3A%22Tamam%C4%B1%20denenmi%C5%9F%20ve%20foto%C4%9Fraflanm%C4%B1%C5%9F%20olan%20yemek%20tariflerinin%20bulundu%C4%9Fu%20Nefis%20Yemek%20Tarifleri%20T%C3%BCrkiye%27nin%20en%20%C3%A7ok%20okunan%20yemek%20tarifleri%20sitesi.%22%2C%22meta%3Akeywords%22%3A%22Nefis%20Yemek%20Tarifleri%2C%20yemek%20tarifleri%2C%20yemektarifleri%2C%20resimli%20yemek%20tarifleri%2C%20nefis%20ev%20yemekleri%2C%20resimli%20yemekler%2C%20kolay%20yemek%20tarifleri%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Nefis%20Yemek%20Tarifleri%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2FNefisYT%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Nefis%20Yemek%20Tarifleri%22%2C%22url%22%3A%22https%3A%2F%2Fwww.nefisyemektarifleri.com%2F%22%2C%22logo%22%3A%22https%3A%2F%2Fcdn.nefisyemektarifleri.net%2Fwp-content%2Fthemes%2Fnefistema%2Fimages%2Flogo.png%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2FNefisYT%22%2C%22https%3A%2F%2Ftwitter.com%2Fnefisyt%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fnefisyemektarifleri%2F%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2FNefisYemekTarifleri%22%2C%22https%3A%2F%2Ftr.pinterest.com%2Fnefisyt%2F%22%2C%22https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fnefis-yemek-tarifleri%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.22&r=stable&ec=1&o=30&it=1595331761829&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 11:42:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 21 Jul 2020 11:42:42 GMT
5e25888d6f82ad050a0138d8
ng.virgul.com/tck/i_vb4/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb4/5e25888d6f82ad050a0138d8?l=&r=153183@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331763432
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:43 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a52
ng.virgul.com/tck/i_vb4/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb4/5e2588ae6f82ad050a013a52?l=&r=153187@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331763433
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:43 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a58
ng.virgul.com/tck/i_vb4/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb4/5e2588ae6f82ad050a013a58?l=&r=153184@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331763434
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:43 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
5e2588ae6f82ad050a013a56
ng.virgul.com/tck/i_vb4/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb4/5e2588ae6f82ad050a013a56?l=&r=153185@site_geneli@nefisyemektarifleri:site_geneli&cs=1595331763434
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.9.7.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 11:42:43 GMT
Server
openresty/1.9.7.3
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
http://176.9.92.137
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 16 Apr 2013 10:49:40 GMT
/
track.adform.net/serving/unload/ Frame AC40 		35 B
466 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-5013701607940725581@@37071191,8391090727167864512,100|4715|0|0|0|0|0|0|0||161|0|31|df7f4eaab164705ab9522222a8af75a3712517d4_1|||1|0|0|KOjObXmL1PaBfdgfkDzX9tigDLEnZoLCZ6P6dC81t6W7TKwo6QB96dgcAQVrBWbgK0h1jmVXMkM1|||01|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://176.9.92.137/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 11:42:45 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://176.9.92.137
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.adsrvr.org
URL
http://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json

Verdicts & Comments Add Verdict or Comment

278 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| nythomeurl boolean| nyt_user_firstname boolean| nyt_load_user_videos_from_ext string| nyt_push_target string| ajaxurl object| noktaScript object| noktaad object| dataLayer function| gtm_trigger_virtual_data function| CriteoAdblock object| Criteo object| criteo_pubtag object| _wpemojiSettings function| fbAsyncInit function| jfb_js_login_callback undefined| $ function| jQuery function| enlerSecimDegisti function| enlerChangerTiklandi function| bugunTiklandi function| buHaftaTiklandi function| buAyTiklandi function| buYilTiklandi function| tarihTiklandi function| enCokOkunanTarifler function| enCokDeftereEklenenler function| enCokYorumlananlar function| nytTopBarLogoAnimate function| adMastHeadClosed function| sendEventToAnalytics function| closeVeriUyari function| is_nyt_app function| init function| nyt_do_single_post_auto_load function| load_and_show_related_posts function| load_and_show_related_blogs function| load_and_show_comments function| nyt_do_sticky_ad function| do_sticky_masthead function| activityImageClicked function| activityOverlayImgClicked function| loadingOverlayClick object| _validFileExtensions function| nytFBLogin function| meLinksMenuTiklandi function| activityOverlay function| needsLoginPopup function| showUserPhoto function| showPrevUserPhoto function| showNextUserPhoto function| showUserImageDiv function| createUserImagePopupDiv function| nyt_lazy_load_image function| img_create function| lgfFbGirisTiklandi function| lgfUyeGirisTiklandi function| inputClicked function| mgalink function| bodyClicked function| mansetSagaKay function| mansetSolaKay function| takipciyeGoreYazarlarSagaKay function| takipciyeGoreYazarlarSolaKay function| tarifSayisinaGoreYazarlarSagaKay function| tarifSayisinaGoreYazarlarSolaKay function| nytDivSlider function| formTextClick function| benzerTarifler function| yazarinDigerTarifleri function| ytdOrBt function| kategorilerClicked function| uyeGirisLinkClicked function| mansetDevamYukle function| sidebarYazarlarmiz function| sidebarTarifDefteri function| nyt_favorite_animate function| nyt_favorite_animate_new function| wpfp_after_ajax function| kategoriyeTiklandi function| kategoriAltKategoriTiklandi function| close_modal function| _get_collection function| show_mobile_kullanici_foto function| loadContentWithAjax function| trim12 function| open_popup function| loadingOverlay function| malzemeleriGizleGoster function| postRecipe function| nytFormTooltip object| ratingsL10n object| ratings_mouseover_image function| nyt_bp_flash_msg function| is_local_storage_supported function| show_abuse_popup string| nyt_domain function| maybe_show_notification_popup function| guid function| nyt_cookie_domain object| ak_js object| commentForm object| replyRowContainer undefined| children object| jQuery112405970592423939609 object| trendingContent object| populerkeywords object| BP_DTheme object| google_tag_manager boolean| nyt_show_ads object| google_tag_data string| GoogleAnalyticsObject function| ga object| twemoji object| wp string| hdn boolean| useIntersectionObserver object| disabledRefreshZones boolean| showingPage string| virgulRedirect boolean| userTookAction string| virgulRefreshFunc boolean| pageHasAdBlock boolean| chSiFfoLoaded object| betterAds boolean| fullscreenAdStarted object| virgulStopperTimer object| virgulInactiveTimer function| showPageChk function| scrChange function| stopVirgulRefresh function| callInactiveAds object| googletag object| gads object| node object| newscri string| noktaLogMode object| abdf function| addPrebidJs function| isElVisible function| getElVisibility object| adVis object| adMVis function| elVisibilityCheck function| loadPlayerAds function| virgulUserClicked function| showVirgulSplash function| showVirgulFullscreen function| removePageskin function| displayPageskin function| checkAndSendViewabilityReq function| visibilityCheck function| adblockCheck function| skipAd function| closeRoadBlock function| addBuster function| loadNoktaBusterEvents string| eventMethod object| newstyle object| ruleAdd object| xb object| cssruleelm object| cssRules object| pbjs object| PWT undefined| noktaAutoCheckZones string| noktaSite function| setUpAgknTag object| obsrvArr number| bchck string| csr object| gaplugins object| gaGlobal function| onYouTubeIframeAPIReady object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken boolean| google_plmetrics object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| LOTCC_14357 object| LOTCC object| gaData function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| __core-js_shared__ object| OWT object| closure_memoize_cache_ object| virgulAdIntervals object| virgulPageAds object| noktaGSlts object| noktaDfpSlots object| noktaCuSlts object| noktaDisabledGids object| nogrt boolean| ngcr boolean| hasCrite function| refreshGoogle function| needVirgulRefresh function| displayGoogleAd object| checkDomainsForCriteo object| noktaHeaderBidding object| virgulGoogleDisplayed object| noktaHeaderBiddingSettings boolean| virgulEnableSingleRequest boolean| noktaScriptLoaded function| pbjsChunk function| JSEncrypt object| ADAGIO function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| sendGoogleRefreshStarted boolean| dfpCodePushed function| checkTower function| nytSlotCheck function| gel function| gcl function| gtl function| addDiv function| postDisplayPageskin function| removeNoktaPageskin function| initCustomNoktaAds boolean| playerStickyClosed number| mobilePlayerWidth number| mobilePlayerHeight function| addDataCollector function| removeStickyPlayer function| noktaPlayerStickyPlayer boolean| isVirgulMobile boolean| hasVirgulPageskin boolean| initCustomNoktaAdsInited number| isOutstreamstreamPlayer boolean| stickyPlayerClosed boolean| playerIsSticky boolean| stickyButtonShowed function| removeBannerDiv number| extraTowerHight function| sidebarShow object| sas object| apntag object| _ADAGIO string| mm number| u number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| msgData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| comingAds object| Adform boolean| __adform_onload function| ADFReload function| ADFCall function| ADFcall object| GoogleGcLKhOms object| google_image_requests function| fbq function| _fbq

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUm-cHfpMB2aA3VXUBQOT4ukMXD3vdRHzwiwfQbWsr6tFi-LIztwzZ5HCWCc
.virgul.com/ Name: pId
Value: vnetfd11e9e1-c169-4c52-9d89-feb9c520aec7

20 Console Messages

Source Level URL
Text
console-api log URL: https://static.criteo.net/js/ld/publishertag.js(Line 1)
Message:
%cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: can't display acceptable ad : the container "crt-1515271" is not visible
console-api log URL: https://c.nefisyemektarifleri.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.11.0(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
Identity hub inited
console-api warning URL: http://ads.pubmatic.com/AdServer/js/pwt/159432/2452/pwt.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
387 ms: Nokta ads loaded.
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
388 ms: 153183 zone ad is placing to data-nokta-zone attribute=> 153183
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
391 ms: 153183 is placed.
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
391 ms: 153188 zone ad is placing to data-nokta-zone attribute=> 153188
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
400 ms: 153188 is placed.
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
400 ms: 153191 zone ad is placing to data-nokta-zone attribute=> 153191
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
408 ms: 153191 is placed.
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
408 ms: 153187 zone ad is placing to data-nokta-zone attribute=> 153187
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
410 ms: 153187 is placed.
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
415 ms: 153184 zone ad is placing to data-nokta-zone attribute=> 153184
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
418 ms: 153184 is placed.
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
418 ms: 153185 zone ad is placing to data-nokta-zone attribute=> 153185
console-api debug URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=18464(Line 1)
Message:
424 ms: 153185 is placed.
console-api warning URL: https://static.virgul.com/theme/mockups/outside/prebid3.25.0.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api info URL: https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js(Line 419)
Message:
Powered by AMP ⚡ HTML – Version 2007102309000 http://176.9.92.137/
console-api warning URL: https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js(Line 21)
Message:
[amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF2IlW3NSrcbnjw6_0vhW2c4aM1amtZsgXfITSryG1lZWSMNiYQaVB6E0UZkiX73l20qHeAto4ouSWnxODFp4ZHkyu2C1L3hcFR3TkCyRigoAlaR3UCphatNjsb30pFX3GSJS6fYj5m6rqWJpFeaPYICqFyYa3hQAaG1J0pYcONiWqyvQXZ70BwxtZ1iFCISVwpcsCmkm4JXp_bNsF0FH0aWpgSrl-t66yMebRK_S6X5Ph5W82goEHBTGKJXxJXoSft3WpPCshORipfwlAv6_k&sai=AMfl-YQoxmM5VCNrzPxzV87DoBieB_2WymRktnLISSOa3i3M1HDsylgZHknHs3YQhMIC03ID_U5r5d9iRFmTylHdy52Ug6-0bwgfrCOd63zmFKWRIF1m3OygXcTQzoU5dtV4&sig=Cg0ArKJSzI2SUfONx6QXEAE&adurl=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5108c0169a02a2d0abaed8431efbdce9.safeframe.googlesyndication.com
ad.doubleclick.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
ap.lijit.com
bcp.crwdcntrl.net
beacon-eu-ams3.rubiconproject.com
bidder.criteo.com
c.nefisyemektarifleri.com
cdn.ampproject.org
connect.facebook.net
d.agkn.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
gum.criteo.com
hbopenbid.pubmatic.com
i.nefisyemektarifleri.com
js.agkn.com
match.adsrvr.org
mn.nytcdn.com
mug.criteo.com
ng.virgul.com
ng2.virgul.com
pagead2.googlesyndication.com
prebid-server.rubiconproject.com
s.w.org
s1.adform.net
samsungturkey.demdex.net
script.4dex.io
securepubads.g.doubleclick.net
static.criteo.net
static.nefisyemektarifleri.net
static.virgul.com
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
track.adform.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
match.adsrvr.org
104.111.230.142
13.35.254.115
172.217.21.198
176.9.92.137
178.250.2.131
178.250.2.146
185.64.189.112
185.7.176.221
185.7.176.223
192.0.77.48
213.19.162.31
213.19.162.67
216.52.2.48
216.58.208.34
2600:9000:214f:7000:15:efbc:e300:93a1
2600:9000:214f:9c00:19:fc2c:a140:93a1
2606:4700:10::6814:e66f
2606:4700:3032::ac43:c1c0
2606:4700:e2::ac40:8620
2a00:1450:4001:800::2004
2a00:1450:4001:802::2001
2a00:1450:4001:814::200e
2a00:1450:4001:818::2001
2a00:1450:4001:819::2001
2a00:1450:4001:819::200e
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:821::2003
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9c
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.3.2.119
37.157.6.234
37.157.6.246
52.211.146.59
52.58.146.181
54.154.174.199
92.122.252.114
0202f0901fac2f921d73cc1016166ed7974cc4301e7c64a04568555382861701
03b0b59c315a3f33532088d516f901b9796cc627342740fa856f56dd9292b0d0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06d77b2acaee76b08f69fce135dca0db0d5b6dc8d9102334c88b98fb831b20d6
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0967326db6565438e24f8882af8c9a1b40e1bf52c6722a15a4a8b3abfacd7c08
0b14bfaba58d2340abd8549b91bbc10de1291a32b8839cc0c648ed31a620089a
10662d594e623f0caf8c42148d6f98e4caf9e6c1566ccd3eef75909787743a6a
108427078f07752635b4f5954f2b42ad60737031c9da67c42cccd9b293ec628a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11037886dcca7f8822aa69fe62a5718cbd1b8577057948bb8647fc06164a0b40
14b45225007de174dfacdaa3345b4b7e444c01d8a0704d314e4968d0b99c90d8
160a52632666d0c48a001d812b10401b6d6d8d88f0ffbd49c9f9bc58d95715b7
17329bf74aaad9e7c6fcf6aa52a684d35c0bd64a5b7721da6a55087b62475da2
19ddce3a802a242aa950f7c8fc170566498c8f72d666c29e93e25caaeab7be14
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1c09d2be2d709bc3e5a3c556696aebb1bf254d937ac4e7b1e72f6ae518ca15cc
1d719a7b7ef17ad476a644a196c6130ed955f5ab06f7bac34632f44d4772bfe5
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
22279ec44983aa3c90c39b383d8cf4a1ae51c3f972876c31d7f7b07acf486c27
261d5f75bd2ea7330cbf381e921746b1ecf9d062216a23634d4ff388e0c3fe12
26897ba4be6ae4605c3d445dba771e5e229fd66a3bbeb72cbc15a417cd31fed5
272f0b94a4cc8f18c95a3b9519ff5e850ddb2b1c6c6cc27df4cc306a4886ae88
283f7c75c46539e1f4ce67e992e870ed9ea49222022cf7d5598770c8f97718d1
2a0568297b4d132e1e66fc33f519a3a3d3a4eee719b9b83fabe7c1d3fa34dcbc
2a99c422ec7298e807fe4c96e313a916a0da2da57a1f53bb314c02f42724b111
2cbaa837767f90684082c8646e641a9a025a3b895fa392b51934a704acbb66db
345e2a5eca229ef4264ac9f1a96da025f926d90d8b50f8858b3629dd64b42508
3482e4cf3b58ee296d51a04a522050936080c5b1e2ae7516b6199ae68297ece7
3920a2264135d609d3031e5f4b9b0a1c8b39fed08cc60036eb6583603aaf914b
3a907b8daed5306599f0e2de0a6e60255b0eeafc2437985c214714548dc2d0b8
3c6dd0c57b6fb75cda25a2cb611c97303472978d5af5c92537fa020d1d112f57
3eef9b77571d73d6c2b1d3306a5f3a38a4cfea802b7585f2d60106303751826d
3fa32e5b32dedd8b59975f984b83cafd22e4defe1d9c4c36f85444e3afaeb4d3
40a1ccc2209fae7059733697388929db1a280a479dd6c5bf58914c3cdb8f3959
44d66acc68e9f70e2694f74f0f21431eeba08158cd455045c6b6be4292c896f0
483109897bbfaedefd401d860430ee3300626493e53dcf0a8bc545fe1290dfb7
488371624e2b23b5e2243c8a40fe23c82cfe992f6c7052421c66e982e68b2fec
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e6ed12228e776748b0d101a72a45a3843a5ecf19873a1467483d2e202852441
4f535d5ad52240b624fb581075f1702ebc4a1014b9402c6931f893bc9d822b22
4fdf7ecc271dfe1b62737be233be9880363a6395831bdb1bee4fb0306ddbe1b4
513d6ea74b29baab297d105452e6aecc77ebf7b0403697432664e7e0080febd6
528ef8aadc1beaa0c03edc1bf1cd551389facdd9e3688aabf8779ca0b4e9bbe3
58bccf1d72601c43106ef30ca2955b5cf82cfbca6020fb5d4344c67cefd873a8
592b055e38f1c2bfbd1b925ce546b93990f31ea2f945a57d6d939eadfc55e997
5e5b8e25541257e9ccea8199657b27ee53af841ce6d58b9baebc547ae48d28f3
6425c424e610cb43349aa555c085744ba567c91fd1f1bda975f13224aab27f0b
689df56042ee0762a9fd4aec128f6e6f97740678ba21d06b7bc523ae89aed018
69e0d9e5288b3807279fbc567aaf9b4d140e3e2d78f3e0728251fc5b8fd303e8
6b33bbaf93eac4b167141f79f6bc46cf7feec35678d30e89415eb72ba060d28b
714a7833e206f7badfb389684a5f9be4ca3460a74ae5607dcd34ca291f7dc26e
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
73c9864c6fc5df6f35c9b03cc9eb1e8e72956efe1cbc004e0f44729b0d03cc3f
75aec09e5467d9d0f2f4158809f3e9ed23f71e9340f8df415d6139b9ff4c30de
784733c218ed9da09c28e7a022c5de1de69ab0a48bd8382e6e75dae37dc3ec41
7c0d73e789db4fc72ba21c14b5f17e318f0fe46030dc70fd952f0f4324d80d0c
8092a6f926c93052c0a491c68242410a34e6254248c58c4e02697729b581d0b2
82fa4edcb8f458a88938a6f360b66b41c12fd95f98d53d6d4016d58687b68a3d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86805f44e219c56d9347426133aae1bdde36713969e4a3e13437993db92872c7
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88c55fbec08c4264b185f51a619b15f3010cbc3329532cd0b997df67b73f54b9
8b190353d4e4c82b22033d9f512f789ca73092e756ba4ab8ad744d68e84ffc46
932f2b501cee670fc5a5ff2566926a652497d9b7194c3b15579a9c0c3baf0f69
93daf4624cd99525cadf79bf6e4e57f48a95ffee2076dc468bdc6834a14f6782
9647158f17a3e482e4a64041911cf731dd19fac2630f5bd5c0338d12e7462d23
97a4f7fb7aafec5f72a69ef4ccce75b46fe77eee5623b95766e0eca1cbee4f2d
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9fdfcb86b2f16ee70e2f5592dfad1a679ad4b13097ae08ca32d595efa73d7db9
a92639b8eb1f5bfc907f31827f7d16fe1291aaa13cfea4daa251375d3c2804a4
a982f0acb3a93c0b3044df5d1f5d1d70d48b6fc212b3f9d3136958f517ee4266
b049ed41d9e6f934d259a8d26d1e5f988625aeec6101d4151a73efbd2732cd91
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4edc88905d624008e195c981b137de3c9b60073adcec5696d2126a014082d7e
b827e99524fde9405eb682910df1a3a66a261f55989907c2444de1a6ddebe1fb
bc2cb0c9a660884fd7cae62a1580fa40a40d2c76cd5947d9e5e013aafd7367a0
be45b9e75522fb8d43d58f24ed1269a7cb1db9326058301ef2c30b217082c543
bf6f96985d9f9ab3332721601ff06191bfb8630e60fcf414cdde0cdf4e5eb811
c029284ad7c78a2e4fc922a7101c0746eb0404049656b51fafe9ca6666d026bf
c155e73382a609c3670999efd2a5031a2953ba056680a1c8124a493e1d56e03e
c499a2895e59b7744a80f33f7b66618f1064176517a2482a2d88d96e55447e43
c97a58eaacad7f6e1a1b0b6a92987b68301be2df6399f3c34104170b069e8af7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf8fb06163cf8a726373ac8f00b3a23b4a02de1c6ed045bc4b84071421f2d1f2
d0397051fc31d1382bc5b1809f1a3c8e067bfd69e26f64eb3a62952c5526086a
d112ec6d473dc6789d4650ffc8c2162d2bfd625c65963667feee3ac464e87755
d21cb16f026aed82cbf5581001161ea1fb52b619bf50048ac587aab5b939e6e0
d7c9b72b83effd2a37450d5431f9a732620ebfb73244a5b2d80a716e33ba2ca9
d80363ccb12fc49592cdc1ae7c5cc0fccceda20737119bd1e8878c192edc1c8d
d8eb0f5543923bdfbb83d9b787939792ad6b569281cfc77797b28bdb8d30c1d7
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
db087f4cf06a580ec8564077755aeecaaeba86fb0632317ca2102a885d5063f9
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
dd3f0aa44cebd94ff82613261f00653e3cd3f6fe1d91a63b7bc928202e16e16c
de2181a33594f9109e9e48ecf4d5431585340ad5d9a3ba7ab57939f5afe90d32
dfdcb66ce83376872be3d63cee3155a7737b92b9b89d9a5385ac12a597604ed1
e1a1764084b3db3393a9f7b5a4b66ece9030e1db623f93114e3f44484a79b99c
e31c5832975e667d176e1834b851a4e473463717dba0f01a56bc9bade5db54df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54d34403c133b352743e8e931d57561fb4bde61182196bd5186a8a27c6183d3
e5eae699776a7762ace7fc826793538e827c207c5d1d707f4d7668429c42d8b1
e7fd45eaeaf58c2d9dfe0d899469a85a572fd8516215329b4331210616776d5f
e8c45116e54a23e3e851b31c93d45ddd97a7817668ccd5d139c8f40053a709d4
e9b43935ed448dca473a0f5614b01ef92bc2d3d2b938474dffc579f04e42bc26
eaf9b9cf92359e85d9957dfa47f615eac6f350bc8cca8e7292740d42c9ea0515
eb37376455a1993425a374c474385b86482f2f2f61ac930e0bb7bd216dd46cf0
ee1b5685f7ade0659c8ef8b533daf4bab8ce173619b98a16286d411be3db1b6c
ee3e991a3e333cac4fe2d267f84da1e49b010a148bb60f59d0612b71132259d9
eededc0d35904166aec066b178e6f024f98c6be4c5a1b7dc82da221b25808c0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
f8489fba8a5561cc5f15c866f42cd94eb07b1ac4d713f66c352689fe78558469
fc4ebde1f9367375f085b5435123e08526fa12b3d7cd90a2615b3b22e7dfbf29
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955