pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_A...
Submission: On July 09 via api (July 9th 2023, 12:40:59 am UTC) from TR — Scanned from DE

Summary HTTP 270 Redirects Behaviour Indicators

Summary

This website contacted 52 IPs in 10 countries across 45 domains to perform 270 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
4	2606:4700:10:... 2606:4700:10::6814:e66f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.3.2.88 31.3.2.88	21245 (MEDIANOVA...) (MEDIANOVA-CDN)
1 38	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	18.66.147.114 18.66.147.114	16509 (AMAZON-02) (AMAZON-02)
3	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	160.16.238.49 160.16.238.49	() ()
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2 34	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4008:814::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	173.194.76.156 173.194.76.156	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401e:28::7	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
1	185.7.176.4 185.7.176.4	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:6800:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:9000:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3 26	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	35.156.133.126 35.156.133.126	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
3 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 3	2600:9000:205... 2600:9000:2057:6a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 4	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:29::7	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	() ()
2 2	3.120.19.26 3.120.19.26	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:dd30:da7f:d6fe:8bcf	() ()
1 1	69.173.144.138 69.173.144.138	() ()
1 1	185.29.134.248 185.29.134.248	() ()
1 1	151.101.2.49 151.101.2.49	() ()
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	185.7.176.223 185.7.176.223	() ()
1	52.29.25.103 52.29.25.103	() ()
270	52

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6814:e66f (United States)

ASN13335 (CLOUDFLARENET, US)

www.nefisyemektarifleri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.nefisyemektarifleri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.nefisyemektarifleri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

mn.nytcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.3.2.88 (Frankfurt am Main, Germany)

ASN21245 (MEDIANOVA-CDN, TR)

i.nefisyemektarifleri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 185.7.176.222 (Turkey) 1 redirects

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logger.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
istr.izlesene.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.147.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-114.fra60.r.cloudfront.net

bitbeat7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 160.16.238.49 (None, )

ASN- ()

placehold.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4008:814::2003 (Riverview, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401e:28::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednsr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.7.176.4 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

panel.izlesene.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:6800:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:9000:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Indonesia)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.133.126 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-133-126.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.229 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:6a00:1b:5138:8a40:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.253 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:29::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednkl.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.19.26 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-19-26.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:dd30:da7f:d6fe:8bcf (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.7.176.223 (None, )

ASN- ()

istr-n23.nktcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.25.103 (None, )

ASN- ()

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	668 KB
49	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 bid.g.doubleclick.net — Cisco Umbrella Rank: 810 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 pubads.g.doubleclick.net	363 KB
37	virgul.com static.virgul.com — Cisco Umbrella Rank: 81866 ng.virgul.com — Cisco Umbrella Rank: 65490 ng2.virgul.com — Cisco Umbrella Rank: 74231 logger.virgul.com	248 KB
22	gstatic.com csi.gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com	301 KB
14	google.com 1 redirects ampcid.google.com — Cisco Umbrella Rank: 2261 adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 imasdk.googleapis.com — Cisco Umbrella Rank: 500	730 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	218 KB
10	nytcdn.com mn.nytcdn.com — Cisco Umbrella Rank: 431099	186 KB
7	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1112 r2---sn-4g5ednsr.c.2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325 r2---sn-4g5ednkl.c.2mdn.net — Cisco Umbrella Rank: 608189	4 MB
6	nefisyemektarifleri.com www.nefisyemektarifleri.com — Cisco Umbrella Rank: 320439 i.nefisyemektarifleri.com — Cisco Umbrella Rank: 406978 i2.nefisyemektarifleri.com — Cisco Umbrella Rank: 498374 c.nefisyemektarifleri.com	156 KB
5	w55c.net 2 redirects cti.w55c.net — Cisco Umbrella Rank: 4192 ads.w55c.net — Cisco Umbrella Rank: 12943 pm.w55c.net — Cisco Umbrella Rank: 1044 i.w55c.net	43 KB
4	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 857	1 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com	2 KB
4	bitbeat7.com bitbeat7.com — Cisco Umbrella Rank: 445250	36 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 438	62 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	smaato.net 3 redirects s.ad.smaato.net — Cisco Umbrella Rank: 822	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	793 B
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	169 KB
3	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 136022	259 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	274 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 782	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	647 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com	1 KB
2	izlesene.com 1 redirects panel.izlesene.com — Cisco Umbrella Rank: 982144 istr.izlesene.com	1 KB
2	placehold.jp placehold.jp	4 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 2090 feed.pghub.io — Cisco Umbrella Rank: 2360	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	156 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	158 KB
2	cloakan.co www.cloakan.co	742 B
1	nktcdn.com istr-n23.nktcdn.com
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8041	554 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	539 B
1	mathtag.com 1 redirects sync.mathtag.com	727 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	463 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	714 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 982	245 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 981	714 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 188023	920 B
1	google.de ampcid.google.de — Cisco Umbrella Rank: 52173	377 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
270	45

	Domain	Requested by
34	tpc.googlesyndication.com	2 redirects e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com imasdk.googleapis.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.nefisyemektarifleri.com
26	cm.g.doubleclick.net	3 redirects e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
21	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com pcloak.blob.core.windows.net www.googletagservices.com
16	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net www.nefisyemektarifleri.com e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
13	ng.virgul.com	static.virgul.com www.nefisyemektarifleri.com ng2.virgul.com
10	logger.virgul.com	c1.imgiz.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	mn.nytcdn.com	www.nefisyemektarifleri.com mn.nytcdn.com
9	fonts.gstatic.com	fonts.googleapis.com
8	www.google.com	1 redirects www.nefisyemektarifleri.com tpc.googlesyndication.com e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
8	csi.gstatic.com	imasdk.googleapis.com
7	imasdk.googleapis.com	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com c1.imgiz.com imasdk.googleapis.com
7	ng2.virgul.com	static.virgul.com www.nefisyemektarifleri.com
7	static.virgul.com	www.nefisyemektarifleri.com static.virgul.com pcloak.blob.core.windows.net
6	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	fonts.googleapis.com	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
4	onetag-sys.com	3 redirects e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
4	x.bidswitch.net	4 redirects
4	bitbeat7.com	ng2.virgul.com www.nefisyemektarifleri.com bitbeat7.com
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	s.ad.smaato.net	3 redirects
3	match.adsrvr.org	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
3	ssum-sec.casalemedia.com	3 redirects
3	encrypted-tbn2.gstatic.com	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
3	www.googletagservices.com	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
3	c1.imgiz.com	static.virgul.com c1.imgiz.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.nefisyemektarifleri.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
3	www.facebook.com	www.nefisyemektarifleri.com
2	pubads.g.doubleclick.net	imasdk.googleapis.com
2	pm.w55c.net	2 redirects
2	r2---sn-4g5ednkl.c.2mdn.net	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	r.turn.com	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	www.gstatic.com	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
2	r2---sn-4g5ednsr.c.2mdn.net
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	placehold.jp	www.nefisyemektarifleri.com bitbeat7.com
2	connect.facebook.net	pcloak.blob.core.windows.net connect.facebook.net
2	c.nefisyemektarifleri.com	www.nefisyemektarifleri.com
2	www.googletagmanager.com	www.nefisyemektarifleri.com www.googletagmanager.com
2	i.nefisyemektarifleri.com	www.nefisyemektarifleri.com
2	www.cloakan.co	pcloak.blob.core.windows.net
1	i.w55c.net	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
1	istr-n23.nktcdn.com
1	istr.izlesene.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dclk-match.dotomi.com	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
1	rtb.openx.net	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	t.hspvst.com	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
1	ads.w55c.net	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
1	cti.w55c.net	e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
1	panel.izlesene.com	c1.imgiz.com
1	s0.2mdn.net	imasdk.googleapis.com
1	feed.pghub.io	pghub.io
1	pghub.io	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	www.google-analytics.com	www.googletagmanager.com
1	i2.nefisyemektarifleri.com	www.nefisyemektarifleri.com
1	www.nefisyemektarifleri.com	www.cloakan.co
270	74

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-07-03` - `2023-10-01`	3 months	crt.sh
*.nefisyemektarifleri.com Thawte RSA CA 2018	`2022-06-24` - `2023-07-25`	a year	crt.sh
nytcdn.com E1	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
bitbeat7.com Amazon RSA 2048 M01	`2023-02-28` - `2023-12-02`	9 months	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
placehold.jp R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-06-20` - `2023-08-29`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.izlesene.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-05` - `2024-08-04`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Frame ID: FCE51E4371B19731E3356CDCDB89F9E9
Requests: 6 HTTP requests in this frame

Frame: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Frame ID: 9F38A78715FA06AA33203F22CD1F4BF9
Requests: 89 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 493202EFF82DCCFF0EA6FCBA23E4D887
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/zrt_lookup.html
Frame ID: 14D27553E5DA87F469904E4ABE93162F
Requests: 1 HTTP requests in this frame

Frame: https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Frame ID: 063432A3F60258047313F82F88A4BC12
Requests: 2 HTTP requests in this frame

Frame: https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1688863256559&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&vmn=5e73154be4b0016313fa90d5___15424862886202
Frame ID: 0CCF2FF2C41C0D22E7301260F08921B5
Requests: 4 HTTP requests in this frame

Frame: https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Frame ID: 37126EA6BCFA3371E44D6C6D3253DA54
Requests: 2 HTTP requests in this frame

Frame: https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1688863256559&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&vmn=5e73154be4b0016313fa90d5___154248628862022
Frame ID: 92DFF0E4B6E3EA959979D306FD013A58
Requests: 4 HTTP requests in this frame

Frame: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 94BFF5B28A712E1EFE0714926765974F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688863256512&bpp=4&bdt=864&idt=219&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&nras=1&correlator=4770005594451&frm=24&ife=1&pv=2&ga_vid=21520935.1688863256&ga_sid=1688863257&ga_hid=2011909801&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075643%2C44785292%2C44788442%2C44796479&oid=2&pvsid=1674499439926752&tmod=1383711997&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.w36ovlukm9ku&fsb=1&dtd=234
Frame ID: 6EA5B34415DF4410D9204484AD41C513
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 421D6D9859E85572F7AF3CBEFE9590D9
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: A22469F127D09C40628D7410F0A65D5D
Requests: 1 HTTP requests in this frame

Frame: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 069941CF92EEF35EDFAF78BB99519F52
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 391D1DE11C0BAC754CE15D72DBE0DB36
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: BFDEF5CE3C34D76DBBABD6CB7E18EF8F
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9235271ED0AA6AB4D543FE461A6E1143
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ABA8937D37CBD57EE886B42386543036
Requests: 2 HTTP requests in this frame

Frame: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0A34ECAE0B3C8D00B275D0FAC290906E
Requests: 15 HTTP requests in this frame

Frame: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FBE73678448A1F6D22A156E7BCE66A45
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 25287B8296158E1444A7A115ADC319A1
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.579.0_en.html
Frame ID: 1E023EF735D4FA924FE2D0ACA0149CC0
Requests: 6 HTTP requests in this frame

Frame: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 544D494F279A2759C3C5F8202AE84191
Requests: 12 HTTP requests in this frame

Frame: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5FBDBD2596DBDACADE519F4B36551910
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB46A7EE43C03782B57D7778B965E80E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C5C9AB8BA78DFDF77205ACF6448E820
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3319F4F1FACA5A5E02761D6A9D727DA8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 55D499C133B9EFEB32176C9C70D7F0A1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6D9014AFC90E941152ABB773A72156E9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: 4E561FB8A38645E67D8716E202178467
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: C37E1AC3EF4FA94A4B6BCF123E6FAC66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

270
Requests

89 %
HTTPS

52 %
IPv6

45
Domains

74
Subdomains

52
IPs

10
Countries

7698 kB
Transfer

15175 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://gcdn.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399257/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1C17E21E8DE19869B8DAFA761E468B01A61E9B2A.6020D3B6018AAF2191E25BACB48E332290DFDF5F/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/76AAA79C0BE562E47AE9304AB1B046EE6C927448.4905A3BFEFD13B0C9CABFEB849D004F357A7FE7B/key/cms1/cms_redirect/yes/mh/xb/mip/2001:1b60:2:240:3247::4/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1688862767/mv/m/mvi/2/pl/29/file/file.mp4

Request Chain 158

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbhv_nVhCkBhjJATIIT-U8H3K8tRU HTTP 301
https://tpc.googlesyndication.com/simgad/4339031254341182387

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 183

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 185

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECKn35cMYf8JYXjOf0PLlxQ&google_cver=1&google_push=AaAOQGErkTGGyxGFg0Cq3uh8aTwKgkzZ338koaV05B3_qWkpYEg6z4YzgpVLLBc0SmkqkXgueT5Phbesnl2m6DG52Q9rL6SBzdV_XQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMyNjM0NzA4NDY3ODkwNzMyNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMjbXoz9-86AYTSKejmloB4&google_cver=1

Request Chain 186

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGGdlEMF2zmppLirPelB5X8&google_cver=1&google_push=AaAOQGHMFJvDCMKV6EF7fhkrkEN4LVRChFNQ2vovrQFQxyVJodF4H0usJGQAddrzXp0Xjyn1VSoqLZ5X20u7xF6sfJc7w49kXeJUjQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHMFJvDCMKV6EF7fhkrkEN4LVRChFNQ2vovrQFQxyVJodF4H0usJGQAddrzXp0Xjyn1VSoqLZ5X20u7xF6sfJc7w49kXeJUjQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGGdlEMF2zmppLirPelB5X8&google_cver=1&google_push=AaAOQGHMFJvDCMKV6EF7fhkrkEN4LVRChFNQ2vovrQFQxyVJodF4H0usJGQAddrzXp0Xjyn1VSoqLZ5X20u7xF6sfJc7w49kXeJUjQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHMFJvDCMKV6EF7fhkrkEN4LVRChFNQ2vovrQFQxyVJodF4H0usJGQAddrzXp0Xjyn1VSoqLZ5X20u7xF6sfJc7w49kXeJUjQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 187

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBqqGiI99hcJugtxCk2O4kw&google_cver=1&google_push=AaAOQGG9FGj1WEZxX3XwgA_YpmYboMviQqFvs6fQH6JJN_p-RCmQvfriClrnNHLKIXETf0lIGEq7NnjOMgpGCmhsHGMiC72erGLH HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBqqGiI99hcJugtxCk2O4kw&google_cver=1&google_push=AaAOQGG9FGj1WEZxX3XwgA_YpmYboMviQqFvs6fQH6JJN_p-RCmQvfriClrnNHLKIXETf0lIGEq7NnjOMgpGCmhsHGMiC72erGLH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG9FGj1WEZxX3XwgA_YpmYboMviQqFvs6fQH6JJN_p-RCmQvfriClrnNHLKIXETf0lIGEq7NnjOMgpGCmhsHGMiC72erGLH&google_hm=dnpdsTAxQ4yBWMl3hhESow==

Request Chain 188

https://d5p.de17a.com/cookies/google?google_gid=CAESEEVSr6T6MIj2Zk6HWpoBKeQ&google_cver=1&google_push=AaAOQGHeeX-SKV9K8G1way2PVudTv3sQ0yAa7HPcCa9hiNNEDUc5meW86GpslcAdiL2tXOWhMQq0HGK7aFqAt3az7LuVn_-rN-LX HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEVSr6T6MIj2Zk6HWpoBKeQ&google_cver=1&google_push=AaAOQGHeeX-SKV9K8G1way2PVudTv3sQ0yAa7HPcCa9hiNNEDUc5meW86GpslcAdiL2tXOWhMQq0HGK7aFqAt3az7LuVn_-rN-LX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHeeX-SKV9K8G1way2PVudTv3sQ0yAa7HPcCa9hiNNEDUc5meW86GpslcAdiL2tXOWhMQq0HGK7aFqAt3az7LuVn_-rN-LX

Request Chain 189

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDgfYwLl8qF4WlhPSEYjtr8&google_cver=1&google_push=AaAOQGGG0LaDXtlPIelnKTPSc5CaoDoCCVQj-AO1tqTfpNmwjIGLpTxRfRSeMK_7wvr8lAAXZqQD-bYDZW7FhZL44uWUaiJuNLJisw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDgfYwLl8qF4WlhPSEYjtr8&google_cver=1&google_push=AaAOQGGG0LaDXtlPIelnKTPSc5CaoDoCCVQj-AO1tqTfpNmwjIGLpTxRfRSeMK_7wvr8lAAXZqQD-bYDZW7FhZL44uWUaiJuNLJisw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIyODQ5ODc3NDUyODI1Nzc3NQ&google_push=AaAOQGGG0LaDXtlPIelnKTPSc5CaoDoCCVQj-AO1tqTfpNmwjIGLpTxRfRSeMK_7wvr8lAAXZqQD-bYDZW7FhZL44uWUaiJuNLJisw

Request Chain 190

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFdfDnXUETVfhe1aspsSmZE&google_cver=1&google_push=AaAOQGHXH6seXeir7rz2Cr0sS0OeBqBbTjJOTPgDYDOgfaMmmApCpsN3o6MNveWF_NH9l5o_1i3tY7WWtGcQC5GQ8dBgq_GlfMrZTA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFdfDnXUETVfhe1aspsSmZE&google_push=AaAOQGHXH6seXeir7rz2Cr0sS0OeBqBbTjJOTPgDYDOgfaMmmApCpsN3o6MNveWF_NH9l5o_1i3tY7WWtGcQC5GQ8dBgq_GlfMrZTA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFdfDnXUETVfhe1aspsSmZE&google_hm=ZKoCGm7EqBWujoB1wBvybQAACFIAAAIB&google_nid=index&google_push=AaAOQGHXH6seXeir7rz2Cr0sS0OeBqBbTjJOTPgDYDOgfaMmmApCpsN3o6MNveWF_NH9l5o_1i3tY7WWtGcQC5GQ8dBgq_GlfMrZTA

Request Chain 191

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMPoXEVKm88so2era_Y2UsQ&google_cver=1&google_push=AaAOQGGetc5arpvQXb6kEqDx_gHbwrqY6utXXkxkkqVsiqUZiKcmTv5-jjnHLDaUF8krTQLhT9LeN-Rlf1wPwfzHRxml91FYAGWzSbw HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMPoXEVKm88so2era_Y2UsQ&google_cver=1&google_push=AaAOQGGetc5arpvQXb6kEqDx_gHbwrqY6utXXkxkkqVsiqUZiKcmTv5-jjnHLDaUF8krTQLhT9LeN-Rlf1wPwfzHRxml91FYAGWzSbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=767a5db1-3031-438c-8158-c977861112a3&%%GOOGLE_PUSH_PAIR%%

Request Chain 199

https://um.simpli.fi/gp_match?google_gid=CAESEIMkUauYK5WHjJxYOMsMgWQ&google_cver=1&google_push=AaAOQGGMwoDphmlrFSH3H7ibpz-Um_47rdoi7l3GlmPnG3erykvTvkK4kQb5JoxVdel-z7buC5LrywZWIyhmHqJdVmmLa-9bazaP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8AC69B0BFDB4484A9CA87824C94F5FD9&google_push=AaAOQGGMwoDphmlrFSH3H7ibpz-Um_47rdoi7l3GlmPnG3erykvTvkK4kQb5JoxVdel-z7buC5LrywZWIyhmHqJdVmmLa-9bazaP

Request Chain 202

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDueeD5JQChLYnL5GBOeBOw&google_cver=1&google_push=AaAOQGHWgwHo8B3xh316EY9vJ5KLY4XnA6ziU4AE0e7oFs3uPYwF80S8960U1MmSGgSHRCE1r0W0tsD5KVq1t26eoKX2s9GmzPf2 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDueeD5JQChLYnL5GBOeBOw&google_cver=1&google_push=AaAOQGHWgwHo8B3xh316EY9vJ5KLY4XnA6ziU4AE0e7oFs3uPYwF80S8960U1MmSGgSHRCE1r0W0tsD5KVq1t26eoKX2s9GmzPf2&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHWgwHo8B3xh316EY9vJ5KLY4XnA6ziU4AE0e7oFs3uPYwF80S8960U1MmSGgSHRCE1r0W0tsD5KVq1t26eoKX2s9GmzPf2&google_hm=G8vIrGZHn5eb0xpRQ2OusBnI

Request Chain 203

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOFZpmLqc-rUhhkatBOWudo&google_cver=1&google_push=AaAOQGG-1zxgtg_dH4JmMTF3Ns_1WvYXmoQLRHtmEsCzmeoiftGRJA1rba7NJHwJMgxSPrcd8PNBCtUr-rRn46bHzRjVB796LRJy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGG-1zxgtg_dH4JmMTF3Ns_1WvYXmoQLRHtmEsCzmeoiftGRJA1rba7NJHwJMgxSPrcd8PNBCtUr-rRn46bHzRjVB796LRJy

Request Chain 204

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELZB60JUOlQmP7-2G5DyBpo&google_cver=1&google_push=AaAOQGGgpeU3fo_ntSDpNbY2-V_6gfh-CXPHtrW7QrUnjSCGcgPgQdfPjTH6k6gmmxQkl-kjkyWG5tsJueJIZwRjAysuHHhvtX6N HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGgpeU3fo_ntSDpNbY2-V_6gfh-CXPHtrW7QrUnjSCGcgPgQdfPjTH6k6gmmxQkl-kjkyWG5tsJueJIZwRjAysuHHhvtX6N

Request Chain 205

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELZB60JUOlQmP7-2G5DyBpo&google_cver=1&google_push=AaAOQGHbJ0Yeo3y4HLc8rw7RmZsCEVALR5s1BNMOKIkSJPade3_c7KBVSHPPpBRnyTLJFYN1op3pJJH4nfe1BS2BpadrVzfQ1BLC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHbJ0Yeo3y4HLc8rw7RmZsCEVALR5s1BNMOKIkSJPade3_c7KBVSHPPpBRnyTLJFYN1op3pJJH4nfe1BS2BpadrVzfQ1BLC HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 216

https://gcdn.2mdn.net/videoplayback/id/16b003e62bbfefe1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399258/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/B047B784E9F1B0130FDB7986DB31C4965C0DBA2D.14D21768D6ECE4B279621DDD62754D8A1F077513/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5ednkl.c.2mdn.net/videoplayback/id/16b003e62bbfefe1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399258/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/73E5C1F91CABE889A241EA85D38B2544B98008C7.0A7966AE84D73A10C313F38624C9D383448886B7/key/cms1/cms_redirect/yes/mh/2p/mip/2001:1b60:2:240:3247::4/mm/42/mn/sn-4g5ednkl/ms/onc/mt/1688862767/mv/m/mvi/2/pl/29/file/file.mp4

Request Chain 220

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG5RiDiaBBrux9t3ppXidzs&google_cver=1&google_push=AaAOQGHY_gfrxtGQel1or98Cy5z22zfpp552B71ZXF9n0e1jv465T8ZQlNyl2NDc5PbryRX11xMDC22BqwaCE_0ronLJhUEDvAEvWQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG5RiDiaBBrux9t3ppXidzs&google_cver=1&google_push=AaAOQGHY_gfrxtGQel1or98Cy5z22zfpp552B71ZXF9n0e1jv465T8ZQlNyl2NDc5PbryRX11xMDC22BqwaCE_0ronLJhUEDvAEvWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3RWTnEyRUoxUWlpdFk1&google_gid=CAESEG5RiDiaBBrux9t3ppXidzs&google_cver=1&google_push=AaAOQGHY_gfrxtGQel1or98Cy5z22zfpp552B71ZXF9n0e1jv465T8ZQlNyl2NDc5PbryRX11xMDC22BqwaCE_0ronLJhUEDvAEvWQ

Request Chain 222

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKIYD1N8VjDE5a3KxmteFss&google_cver=1&google_push=AaAOQGG8QqQAz_2Xk0qRyZ2Ctoz5VRkra9mLIFFBTxdKo7m1NnVF_i0oqL07L95C6_2aHp31O5BGTovPqaVtR-3hXi_EjYFsLhFNMw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG8QqQAz_2Xk0qRyZ2Ctoz5VRkra9mLIFFBTxdKo7m1NnVF_i0oqL07L95C6_2aHp31O5BGTovPqaVtR-3hXi_EjYFsLhFNMw&google_hm=eS1pbTJyV1RoRTJwR2xGanN4dTZIbm85dTVQZEpUMlNENH5B

Request Chain 223

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFCbK4RBujg5xrTGp3ZYeSo&google_cver=1&google_push=AaAOQGE6cKhwJfPTpTMo0lIdC0E2QwfHbVO8Y1vKfbLAdbDdnJvtbp9w8nNSanK0_RZtUkoOoKKHK72HjtSSl__Oj5g0dWB7FaOcYQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpVUEtVREktMjAtRkhOTA==&google_push=AaAOQGE6cKhwJfPTpTMo0lIdC0E2QwfHbVO8Y1vKfbLAdbDdnJvtbp9w8nNSanK0_RZtUkoOoKKHK72HjtSSl__Oj5g0dWB7FaOcYQ

Request Chain 224

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECHk7ZEUDBTlBX5ZYz58CYA&google_cver=1&google_push=AaAOQGH7OF1nqOxMGMqhvH748qlEA2mj1PKOco9K_WVlkfL2AtPp0CH8LiRw67F6sZSEpgQlFKFyXRNbHefHL28ChTnREa5R8InTzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECHk7ZEUDBTlBX5ZYz58CYA&google_hm=ZKoCGm7EqBWujoB1wBvybQAACFIAAAIB&google_nid=index&google_push=AaAOQGH7OF1nqOxMGMqhvH748qlEA2mj1PKOco9K_WVlkfL2AtPp0CH8LiRw67F6sZSEpgQlFKFyXRNbHefHL28ChTnREa5R8InTzw

Request Chain 225

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF38f6l7AH8OqWuL6Tetkyg&google_cver=1&google_push=AaAOQGGHwGWtTnflkpO53Tormp1kxidcVI8DPWgAZVOLxvoPSDVHoIZbW2Ft6tuoDTzFOsZR58weUsAhDyI0pmhPJM9JzaTs5zaoEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGHwGWtTnflkpO53Tormp1kxidcVI8DPWgAZVOLxvoPSDVHoIZbW2Ft6tuoDTzFOsZR58weUsAhDyI0pmhPJM9JzaTs5zaoEA

Request Chain 227

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELjz65Qx9MjueUoo2c3UIbY&google_cver=1&google_push=AaAOQGE_AsP-OL0Lo26XebErVtZFtgIbK-1TL1DxaQSEZXGbi2fUTsHHHPP4YuLWoq-LeufLKmGBDg6IB_ezL_E7YZ68Od5tOQ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMyNjM0NzA4NDY3ODkwNzMyNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMjbXoz9-86AYTSKejmloB4&google_cver=1

Request Chain 228

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEdJ9b9qpqwmN6W-QZLcXUk&google_cver=1&google_push=AaAOQGEALAfZ2mkPeFa8ujM7Pr2Nd0SoNQFsIsdhBod3QDlmSQGLAC-znunJBKL44RnP1nY362ITPaRwDUWUN-CS1qEUvvBt_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEALAfZ2mkPeFa8ujM7Pr2Nd0SoNQFsIsdhBod3QDlmSQGLAC-znunJBKL44RnP1nY362ITPaRwDUWUN-CS1qEUvvBt_A

Request Chain 229

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMX-9ADTD10RecIL9NE3jjY&google_cver=1&google_push=AaAOQGH6_dRd2bUhRsSemKqwJ_6Q4zcBd4p0wPvEt4mxisxPm8OYAO7_vYRR0P1tGwSs9U2APHN4d8Boe-o4j5_duVmpn3gESy0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMX-9ADTD10RecIL9NE3jjY&google_push=AaAOQGH6_dRd2bUhRsSemKqwJ_6Q4zcBd4p0wPvEt4mxisxPm8OYAO7_vYRR0P1tGwSs9U2APHN4d8Boe-o4j5_duVmpn3gESy0

Request Chain 231

https://ads.travelaudience.com/google_pixel?google_gid=CAESEI7BlYUEtBR-LjT1h7gKQ2o&google_cver=1&google_push=AaAOQGFfcvo-GmTkfsCQbBy_Gm84Bfdy2wJ4AyYK_dATIB5hyjQyAIn1NwIEuZNVv4btOtXKCcLFp7Rg5cCzN2FQYvMZOkPxXps HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=orfTL8dsRHOdMwcbXN_etw2&google_push=AaAOQGFfcvo-GmTkfsCQbBy_Gm84Bfdy2wJ4AyYK_dATIB5hyjQyAIn1NwIEuZNVv4btOtXKCcLFp7Rg5cCzN2FQYvMZOkPxXps

Request Chain 232

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDA2xx_FF42NYhEvlkXzn5U&google_cver=1&google_push=AaAOQGFzs0d1XojH1ikBmQrUEZqQZMVlcfLfb-I9e-qdGRuwceKbV7RxjMaOMUqv0Gn-2zBsQLEBQB5cdi32k6SW-Bif0gM9D0Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGFzs0d1XojH1ikBmQrUEZqQZMVlcfLfb-I9e-qdGRuwceKbV7RxjMaOMUqv0Gn-2zBsQLEBQB5cdi32k6SW-Bif0gM9D0Y

Request Chain 233

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFeVT_lHM7cFH3iwNfxmV9A&google_cver=1&google_push=AaAOQGHTIQAtlim5an7cKMKAgqEHsTDMce6JIj7Tylgru4OzJ0Apl05XxP3_boIJhrpudezLy0_q-cNdGYiLi9aIn3vPtWaG-Sk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHTIQAtlim5an7cKMKAgqEHsTDMce6JIj7Tylgru4OzJ0Apl05XxP3_boIJhrpudezLy0_q-cNdGYiLi9aIn3vPtWaG-Sk

Request Chain 240

https://istr.izlesene.com/data/videos/10710/10710800-480_2-170k.mp4?token=dX0k2OY4L6QJI8xioHu-zA&ts=1688953258&playername=npm_nefisyemektarifleri HTTP 302
https://istr-n23.nktcdn.com/data/videos/10710/10710800-480_2-170k.mp4?playername=npm_nefisyemektarifleri&token=EdsKSMic4FFFdMMAAn0-Cw&ts=1688949658

270 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x67420x0229.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 463ms
117ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: add347e23d6d68d50f456f663e081078bf03026f868ca4aa31e6b0f8f5354e01

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1321
Content-MD5: 4ybI82/2lfG6TucYWk+Hdw==
Content-Type: text/html
Date: Sun, 09 Jul 2023 00:40:53 GMT
ETag: 0x8DB5ED054FF7A83
Last-Modified: Sat, 27 May 2023 16:35:07 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 003e1333-001e-005c-2bfe-b11755000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 110ms
109ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-request-id: 003e1392-001e-005c-80fe-b11755000000
Date: Sun, 09 Jul 2023 00:40:53 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 330ms
107ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 09 Jul 2023 00:40:53 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: 003e1427-001e-005c-0afe-b11755000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 222ms
112ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 09 Jul 2023 00:40:53 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: 003e13de-001e-005c-46fe-b11755000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 55 B
321 B 435ms
196ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x67420x0229
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:54 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 45

GET
H2 200 nv.php Show response
www.cloakan.co/ 275 B
421 B 432ms
263ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x67420x0229-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 64bba7358df0b70cff3572ee3e5a2eee51ae741c86167cd529bc7af0e15682a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 147

GET
H2 200 / Show response
www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/ Frame 9F38 290 KB
44 KB 152ms
72ms Document
text/html 2606:4700:10::6814:e66f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Requested by

Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x67420x0229-m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53df9c53aafbe70bf85c288f1baa06c1464fbe7e8d4b3feb4f2e91fd4018e58b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4681
cf-cache-status: DYNAMIC
cf-ray: 7e3c84b37bdfbba9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 09 Jul 2023 00:40:55 GMT
last-modified: Sat, 08 Jul 2023 23:22:53 GMT
server: cloudflare
x-amp: no
x-cache: HIT
x-device: nmobile
x-xss-protection: 1; mode=block

GET
H2 200 icon-set.ttf
mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/fonts/ Frame 9F38 22 KB
22 KB 115ms
32ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/fonts/icon-set.ttf?v=20210129

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886a2ff3ff2a76e50d8387582d03539c71d06dbd4314cd8cc955ea08b5cf752f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nefisyemektarifleri.com/
Origin: https://www.nefisyemektarifleri.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3763
alt-svc: h3=":443"; ma=86400
content-length: 22084
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Mar 2022 06:41:39 GMT
server: cloudflare
etag: "623c12a3-5644"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZS7tpbQnOuxigFINZPnQfsQqoISnL3nklbiLxhN4lX7LxzFDn4OJMo5F6UhKq5TURdTjthBJJ5UGM%2FSiJM833brT3Po%2B%2FTUhBPZIoBuM9DSjgQqB3r1xiZ7syNJVU4%2F5lJGbLnExF2vaDTS"}],"group":"cf-nel","max_age":604800}
x-varnish: 806663561 781570431
content-type: application/octet-stream
access-control-allow-origin: *
x-abc: local
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e3c84b47ffc5b3e-FRA
x-nyt-cache: hit cached

GET
H2 200 single-recipe.css
mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/ Frame 9F38 161 KB
28 KB 116ms
38ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/single-recipe.css?1680961699

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd0e821ef47075614e9500f81f2077fef9be630b5a63bd40a10b7922026aed7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5852
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Mar 2023 10:00:42 GMT
server: cloudflare
etag: W/"641d74ca-28302"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgOrPeLuI6Uj8GBeByy3WvO0oMnlq7Akd4OYT5SD5ani7yqEVWVAZ84NWg6sNk71vn65HmqB%2FjvRoIdSVNFf1hM3gHe0vyyWF7%2B4czriKA8mUSw6REVwlXMYTu%2F9lk0S3qeMNV%2FS7dybLKbu"}],"group":"cf-nel","max_age":604800}
x-varnish: 908258478 908153339
content-type: text/css
access-control-allow-origin: *
x-abc: s3
cache-control: max-age=14400
cf-ray: 7e3c84b46a3f3a57-FRA
x-nyt-cache: hit cached

GET
H2 200 single-vendor.css
mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/ Frame 9F38 189 KB
30 KB 123ms
45ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/single-vendor.css?1687242409

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38312b284a104dfa32e4ecfe73f542a66e04fb259e9bcd5e581e45bdeb677487

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2430
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Jun 2023 06:26:15 GMT
server: cloudflare
etag: W/"64914687-2f326"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BHKUUfBeLVT46ONGXqOXVqYZ51xJFv8z1FwFu6QbMB652pWdwKcmg73SyTJx%2FQGJCaMp57ypvCrFyfUHSACc6wN9sp51YrL%2FyCplzqFf39hWR4tsydcd7tYpax3%2FobuO788WylmcyGOA7a%2F"}],"group":"cf-nel","max_age":604800}
x-varnish: 204457102 204392002
content-type: text/css
access-control-allow-origin: *
x-abc: local
cache-control: max-age=14400
cf-ray: 7e3c84b46a403a57-FRA
x-nyt-cache: hit cached

GET
H2 200 1x1.gif
mn.nytcdn.com/wp-content/ Frame 9F38 42 B
392 B 35ms
33ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mn.nytcdn.com/wp-content/1x1.gif

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3378
alt-svc: h3=":443"; ma=86400
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Mar 2022 06:41:37 GMT
server: cloudflare
etag: "623c12a1-2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Dao7%2FuS5DGL01iAS9glQTcr6Hn31ZtVU5bX0zaSVh1iyAmgpTv3C3zoGyw6rj6FG0b2Rc7GYTBPAugLEy7SQI81QUG230vHmsT8TR1BTjG56HYi9xFQMz0kPnIOt3zTAMlKSPFokPeCs0VY"}],"group":"cf-nel","max_age":604800}
x-varnish: 1002958177 987328424
content-type: image/gif
access-control-allow-origin: *
x-abc: s3
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e3c84b4ba7a3a57-FRA
x-nyt-cache: hit cached

GET
H2 200 profilo-tab-logo.png
i.nefisyemektarifleri.com/2022/01/06/ Frame 9F38 4 KB
4 KB 141ms
39ms Image
image/png 31.3.2.88
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.nefisyemektarifleri.com/2022/01/06/profilo-tab-logo.png

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.88 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

4621960c2ce01b405da6b6652f322bd8904f3e0d867daf7db9dd5d5ad6cc6491

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Mon, 08 Jul 2024 00:40:55 GMT
date: Sun, 09 Jul 2023 00:40:55 GMT
age: 12344
x-edge-location: DE-372
x-cache-status: Edge : HIT,
content-length: 4162
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Jan 2022 13:11:21 GMT
server: MNCDN-236
x-mnrequest-id: 9785b5778b99f9323ab826528ab30569
x-varnish: 743064697 742473178
content-type: image/png
access-control-allow-origin: *
x-abc: local
cache-control: max-age=31536000
accept-ranges: bytes
x-mserver: 2216
x-nyt-cache: hit cached

GET
H2 200 etsiz-nohut-yemegi-5.jpg
i.nefisyemektarifleri.com/2022/08/31/ Frame 9F38 101 KB
102 KB 142ms
41ms Image
image/jpeg 31.3.2.88
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.nefisyemektarifleri.com/2022/08/31/etsiz-nohut-yemegi-5.jpg

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.3.2.88 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),

Reverse DNS

Software

MNCDN-236 /

Resource Hash

cde2d86c6323204b3e715d09b58ab41ecf370b5a10cb1d61fa76b77e0a0a75c0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Mon, 08 Jul 2024 00:40:55 GMT
date: Sun, 09 Jul 2023 00:40:55 GMT
age: 513
x-edge-location: DE-372
x-cache-status: Edge : HIT,
x-cache: X-MISS
content-length: 103705
x-bn: default
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Aug 2022 10:31:01 GMT
server: MNCDN-236
x-mnrequest-id: d6ae3c05ab576aae27989c8e0b44af73
x-varnish: 250859771, 884143075 884140396
content-type: image/jpeg
access-control-allow-origin: *
x-abc: remote
cache-control: max-age=31536000
accept-ranges: bytes
x-mserver: 2137
x-nyt-cache: hit cached

GET
H2 200 xa1555678923-751d43b96920b44a27ba4b25ad85fe3b-bpthumb.jpg
i2.nefisyemektarifleri.com/avatar/2019/04/19/3514/ Frame 9F38 4 KB
4 KB 47ms
39ms Image
image/jpeg 2606:4700:10::6814:e66f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.nefisyemektarifleri.com/avatar/2019/04/19/3514/xa1555678923-751d43b96920b44a27ba4b25ad85fe3b-bpthumb.jpg

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0757fc98355b7ff4d0bdc506c1ef2aa69aac074686194c2e7690ffdc913035a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
cf-cache-status: HIT
age: 297
cf-polished: origSize=4099, status=webp_bigger
content-length: 3656
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 19 Apr 2019 13:02:03 GMT
server: cloudflare
etag: "5cb9c6cb-1003"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-abc: s3
cache-control: max-age=31536000
x-varnish: 1018281825 985885231
accept-ranges: bytes
cf-ray: 7e3c84b4fd21bba9-FRA
x-nyt-cache: hit cached

GET
H2 200 ads.js Show response
mn.nytcdn.com/wp-content/assets/js/ Frame 9F38 24 B
386 B 38ms
37ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mn.nytcdn.com/wp-content/assets/js/ads.js

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6ad08a66b7925e557e069b9c9fcab676f04fbc22535b7b12c0d8eca8d48803

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4390
alt-svc: h3=":443"; ma=86400
content-length: 24
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Mar 2022 06:41:38 GMT
server: cloudflare
etag: "623c12a2-18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BehJBJtxy3XnX3iGD4Kozjy9aw%2BgawZRp%2ByxtWJq%2FCymXd3RWX%2B4Dp%2Buf33O0PKolqBJxXiPdrTi1sjlPvKdjJySIv7vnhs97WEy6baMeG6clqp8BZ0I9yQAcd9Ms3qQ8vAcBjD60CKt9jnF"}],"group":"cf-nel","max_age":604800}
x-varnish: 553057397 526533194
content-type: application/javascript
access-control-allow-origin: *
x-abc: s3
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e3c84b4ea9d3a57-FRA
x-nyt-cache: hit cached

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame 9F38 75 KB
26 KB 430ms
79ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: gzip
last-modified: Fri, 23 Jun 2023 06:55:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 9F38 223 KB
74 KB 108ms
45ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFXWLS3

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

817692600c883f0a924c19d8f23bb0497d710f6ed0b662e6eba4f8054446de12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74851
x-xss-protection: 0
last-modified: Sun, 09 Jul 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Jul 2023 00:40:55 GMT

GET
H2 200 olan-biten-dark.svg
c.nefisyemektarifleri.com/wp-content/themes/nytheme/dist/assets/img/svg/ Frame 9F38 949 B
552 B 50ms
41ms Image
image/svg+xml 2606:4700:10::6814:e66f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.nefisyemektarifleri.com/wp-content/themes/nytheme/dist/assets/img/svg/olan-biten-dark.svg

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f86c74a7863cd1fa2343f0371ccbac47085bdb301f0df1785c5a4337bd044d24

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
content-encoding: br
cf-cache-status: HIT
age: 3014
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Mar 2022 06:41:39 GMT
server: cloudflare
etag: W/"623c12a3-3b5"
vary: Accept-Encoding
x-varnish: 19305946 19860535
content-type: image/svg+xml
access-control-allow-origin: *
x-abc: local
cache-control: max-age=31536000
cf-ray: 7e3c84b50d37bba9-FRA
x-nyt-cache: hit cached

GET
H2 200 group(1).svg
c.nefisyemektarifleri.com/wp-content/themes/nytheme/dist/assets/img/svg/ Frame 9F38 4 KB
1 KB 66ms
60ms Image
image/svg+xml 2606:4700:10::6814:e66f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.nefisyemektarifleri.com/wp-content/themes/nytheme/dist/assets/img/svg/group(1).svg

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b9f9cb8f1feda701490e7fa560a0a2e0309ef259f9d74b301c9712e56efa56

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Mar 2022 06:41:39 GMT
server: cloudflare
etag: W/"623c12a3-102c"
vary: Accept-Encoding
x-varnish: 19303858
content-type: image/svg+xml
access-control-allow-origin: *
x-abc: local
cache-control: max-age=31536000
cf-ray: 7e3c84b50d36bba9-FRA
x-xss-protection: 1; mode=block
x-nyt-cache: miss cached

GET
H3 200 script-notlogin.js Show response
mn.nytcdn.com/wp-content/themes/nytheme/ Frame 9F38 290 KB
89 KB 47ms
47ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mn.nytcdn.com/wp-content/themes/nytheme/script-notlogin.js?v=1687242409

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4d8b7f56b06140ad3542041b66f635d9cbd4e0da6cc7d17a0e16d014aa2498

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5726
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Jun 2023 06:26:15 GMT
server: cloudflare
etag: W/"64914687-48777"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PEcAq%2BhZqUAfPadZ1CnW4MOvcCKxTr%2F54yH5XS5z9me5YSpnAv52p9Ut8SxIXxUurRiANGhubBFh98jTRkfVrlUHSLhuUQ9UQAQaAT9MtOqMjSWdVtg%2FdyhVOwO1iVN%2FDfhTk8ZHZJyfnyE"}],"group":"cf-nel","max_age":604800}
x-varnish: 204392005 204612307
content-type: application/javascript
access-control-allow-origin: *
x-abc: s3
cache-control: max-age=14400
cf-ray: 7e3c84b59f569bf5-FRA
x-nyt-cache: hit cached

GET
H3 200 red-iconned-v2.png
mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/img/png/ Frame 9F38 6 KB
6 KB 116ms
116ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/img/png/red-iconned-v2.png

Requested by

Host: mn.nytcdn.com
URL: https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/single-vendor.css?1687242409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2ff6717bd218c66ffde415472bdaf58a1384725840a862a466317727eaaab1b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/single-vendor.css?1687242409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:55 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5986
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Mar 2022 06:41:39 GMT
server: cloudflare
etag: "623c12a3-1762"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BErUN61xqlKBTlA0DsAccdKDAaHGyJhYl%2BDFvhZXBoobMrEnNVlDxDIM5W4KDTTgRITOrNnBSLKNLx0sUySG94yetUc%2FB1irqJsq2oWC%2B%2B8GUUKv2ZMqRngAIz2RXAUlikGUq5wLgEgWoaJj"}],"group":"cf-nel","max_age":604800}
x-varnish: 806638575 785362051
content-type: image/png
access-control-allow-origin: *
x-abc: s3
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e3c84b5af789bf5-FRA
x-nyt-cache: hit cached

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 9F38 52 KB
21 KB 124ms
30ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFXWLS3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jul 2023 23:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5779
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 09 Jul 2023 01:04:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 9F38 171 KB
47 KB 96ms
31ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Jul 2023 00:40:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: EoeQjPKw/puPm1xgn8lMGaSNn9o8Nyzp/RsLvB9xhx+I7wy0ShlAdLXUdUnVSLSDANZsjtVAgIUvHhKm/FokgQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9F38 249 KB
84 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WGBDLK44E4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFXWLS3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd5560109b9a45496e990f32b80084072cd174105c74537f08986ad44e6ab6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 09 Jul 2023 00:40:56 GMT

GET
H2 200 1877570159153553 Show response
connect.facebook.net/signals/config/ Frame 9F38 384 KB
110 KB 30ms
29ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1877570159153553?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a883e74d2f7c31294beaf47eb691d0fa07414cc3ef857e53b768960c94f23a31

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Jul 2023 00:40:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111683
x-xss-protection: 0
pragma: public
x-fb-debug: SacwjOTphBY2K21m2fgRpTRPR1qWXmUkT/BXpWwXfrLnuNnXTryMrww/OHdv9VS8BgNqcal+sEjU1rTzVTXytQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ Frame 9F38 74 B
448 B 111ms
45ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nefisyemektarifleri.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 9F38 0
185 B 95ms
30ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1877570159153553&ev=PageView&dl=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&rl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&if=true&ts=1688863256266&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&cs_est=true&it=1688863256186&coo=false&rqm=GET

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 09 Jul 2023 00:40:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 9F38 0
31 B 95ms
31ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1877570159153553&ev=ViewContent&dl=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&rl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&if=true&ts=1688863256267&cd[content_name]=Etsiz%20Nohut%20Yeme%C4%9Fi&cd[content_ids]=248941&cd[content_type]=recipe&cd[recipe_mainCategory]=Bakliyat%20Yemekleri&cd[recipe_subCategory]=Bakliyat%20Yemekleri&cd[recipe_claps]=27&cd[recipe_comments]=40&cd[recipe_cookDuration]=25dk&cd[recipe_cooked]=22&cd[recipe_cookType]=Ha%C5%9Flama&cd[recipe_hasVideo]=Hay%C4%B1r&cd[recipe_prepDuration]=20dk&cd[recipe_rating]=4.6&cd[recipe_saved]=10852&cd[recipe_serves]=2-4%20&cd[contributor_id]=3514&cd[contributor_followers]=50049&cd[contributor_city]=undefined&cd[contributor_recipes]=undefined&cd[user_id]=undefined&cd[user_gender]=undefined&cd[user_recipes]=undefined&cd[user_followers]=undefined&cd[user_followings]=undefined&cd[user_city]=undefined&cd[user_role]=undefined&cd[ingredients]=domates%20sal%C3%A7as%C4%B1%2Ckarabiber%2Ckuru%20so%C4%9Fan%2Cnohut%2Cpul%20biber%2Cs%C4%B1v%C4%B1%20ya%C4%9F%2Csivri%20biber%2Csu%2Ctuz&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&it=1688863256186&coo=false&rqm=GET

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 09 Jul 2023 00:40:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ Frame 9F38 3 B
377 B 135ms
69ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nefisyemektarifleri.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9F38 76 KB
26 KB 112ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04ecc5072f5817c57f5ac22537748cc4715212791d3921aa30394f8ccf2b3641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26106
x-xss-protection: 0
server: cafe
etag: 861 / 19547 / m202306290101 / config-hash: 12381638052069933206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 00:40:56 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 9F38 120 B
306 B 81ms
81ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 4932 891 B
1 KB 81ms
81ms Document
text/html 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Sun, 09 Jul 2023 00:40:56 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9F38 144 KB
48 KB 127ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce0b11a691f08e3b088bfb617d970b6b4f80f67b5e8a17dca8681f6befbc7b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Origin: https://www.nefisyemektarifleri.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49113
x-xss-protection: 0
server: cafe
etag: 7410194014387986921
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 00:40:56 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame 9F38 489 KB
182 KB 86ms
86ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 9F38 236 KB
58 KB 122ms
34ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:35:25 GMT
content-encoding: gzip
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 332
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: PPdgbPXmuMFrUL6yZvEmFlqs0_qeKZcMzcw_I6aqvzdqb0xovadFCA==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame 9F38 44 KB
7 KB 275ms
86ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1688863256324&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=nefisyemektarifleri:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.6562377583980374
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 1391ee29d055d15dd90f31f08dd272387c4782515e0e2e7fc75df309fea0197d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://www.nefisyemektarifleri.com
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 nefisyemektarifleri.js Show response
static.virgul.com/theme/mockups/fallback/ Frame 9F38 15 KB
3 KB 82ms
81ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/nefisyemektarifleri.js?dts=19547
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3b9166033e13e81c852194510ca321d03a0f3e0f8196cc84858c874a32a0adf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 21:45:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame 9F38 60 KB
6 KB 269ms
85ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=nefisyemektarifleri&dts=469128
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 1fe8f37df09fbf7be378ea021b1fd01c63c9a2cb3f071718a56b65a8c6dac6ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://www.nefisyemektarifleri.com
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ Frame 9F38 391 KB
125 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:46:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17637
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127464
x-xss-protection: 0
server: cafe
etag: 4704578582152062329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 07 Jul 2024 19:46:59 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 9F38 0
319 B 24ms
23ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.nefisyemektarifleri.com&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 20:37:15 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 14620
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.nefisyemektarifleri.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: B3olp_R0UcGZ1BETiLa7QoIcn69pNoHTVDdAJZqivX2mPi6vlI0JxA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9F38 6 KB
3 KB 60ms
18ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
date: Sat, 08 Jul 2023 09:09:57 GMT
x-amz-cf-pop: FRA56-P6
age: 62802
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: HNbCYoGzwZm6lCLyoAVG350JPtNrX-On7JxZvUrQzf-600xWQxF4Ww==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ Frame 9F38 344 KB
118 KB 92ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=www.nefisyemektarifleri.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09380b3dad001a4769894d45e348df559c8c546b07bb11c335adf51e7e35e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121033
x-xss-protection: 0
server: cafe
etag: 13281109504134075198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 00:40:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/ Frame 14D2 10 KB
5 KB 69ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 13:49:14 GMT
etag: 12368291122986407432
expires: Sat, 22 Jul 2023 13:49:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame 9F38 10 KB
3 KB 60ms
60ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 13:36:40 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 5e73154be4b0016313fa90d5 Show response
ng2.virgul.com/ic/ Frame 0634 756 B
998 B 69ms
59ms Document
text/html 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: c8781b5c61ff8a63f9f9c3a72d809585cba0dc277848ec538739649dc54b9404

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.nefisyemektarifleri.com
content-length: 756
content-type: text/html
date: Sun, 09 Jul 2023 00:40:56 GMT
expires: Tue, 04 Jan 2022 10:49:40 GMT
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
server: openresty/1.15.8.3

GET
H2 200 adview Show response
ng2.virgul.com/ Frame 0CCF 866 B
1 KB 61ms
60ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1688863256559&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&vmn=5e73154be4b0016313fa90d5___15424862886202
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d1d2ab2b46dd1c66d08fe60b3390d4bb1f06b9e2e35576d2100c535f237cc349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
server: openresty/1.15.8.3
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://www.nefisyemektarifleri.com
content-type: application/javascript
access-control-allow-credentials: true
content-length: 866
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 5e73154be4b0016313fa90d5 Show response
ng2.virgul.com/ic/ Frame 3712 756 B
998 B 61ms
60ms Document
text/html 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: c8781b5c61ff8a63f9f9c3a72d809585cba0dc277848ec538739649dc54b9404

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.nefisyemektarifleri.com
content-length: 756
content-type: text/html
date: Sun, 09 Jul 2023 00:40:56 GMT
expires: Tue, 04 Jan 2022 10:49:40 GMT
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
server: openresty/1.15.8.3

GET
H2 200 adview Show response
ng2.virgul.com/ Frame 92DF 867 B
1 KB 60ms
60ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1688863256559&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&vmn=5e73154be4b0016313fa90d5___154248628862022
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 9ef6bcec53afcb2f28701c02a39cd3e0c767b3f61c5d472611b913122f9a92ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
server: openresty/1.15.8.3
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://www.nefisyemektarifleri.com
content-type: application/javascript
access-control-allow-credentials: true
content-length: 867
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 9F38 23 B
472 B 479ms
358ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=RaCYW1DxkE7SM&cb=0&ws=1600x1200&v=23.612.1758&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15318321728129623web_nyt_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_nyt_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15319321728129623web_nyt_malzemeler_yani_300x250%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_nyt_malzemeler_yani_300x250%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15318521728129623web_nyt_right_tower%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_nyt_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15318421728129623web_nyt_left_tower%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_nyt_left_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15318721728129623web_nyt_sidebar_300x600%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_nyt_sidebar_300x600%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 1E071MFHTCPFY072G9GG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.nefisyemektarifleri.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: M4v155zbO9ZzF0BGd6HfF1Nnvvh7qqvGNbpb9f5ztfM7LkOKOHHgdQ==

GET
H2 200 nefisyemektarifleri.js Show response
static.virgul.com/theme/mockups/sites/ Frame 9F38 37 KB
12 KB 62ms
62ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/nefisyemektarifleri.js?dts=469128
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 7ef7148f577d4b8db5481c0c82ec42fc53e2b2d3c7f83b2662977759f58477ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:15 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame 9F38 17 KB
5 KB 76ms
23ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:23:15 GMT
content-encoding: gzip
age: 1061
x-guploader-uploadid: ADPycdtUhL9LLuzZm5Flc7U6TpxkH3TMhU9Ihb0I4ies8MvuuBlh08aLO5oHEabh4MZAhuUCgPY07flnlGwepgzlJhKy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame 9F38 0
222 B 62ms
62ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688863256660&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=153183@153193@153204@153190@153201@153187@154248@154248@153202@153184@153185@153186:nefisyemektarifleri&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.09099678967986291
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:56 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9F38 107 B
456 B 90ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nefisyemektarifleri.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9F38 80 KB
21 KB 317ms
317ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1674499439926752&correlator=2766362169384848&eid=31074650%2C31074947%2C31075338%2C31075340&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_tarif_yapilis_sonrasi&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C615x60%7C468x60%7C600x200%7C300x250%7C250x250%7C200x200&fluid=height&ifi=2&adks=3912523020&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1688863256324%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnet13e653e2-9c07-45f2-b274-9cafc9d81d31%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnet13e653e29c0745f2b2749cafc9d81d31&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1688863256698&lmt=1688858573&dlt=1688863255648&idt=909&adxs=486&adys=3326&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=780m9innj81o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x0&msz=656x0&fws=388&ohw=300&ga_vid=21520935.1688863256&ga_sid=1688863257&ga_hid=2011909801&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c81a7c3306e7400025b41acefc4906eddaf2d0e9763711263785988e25a73218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 280300
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21440
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 429223
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nefisyemektarifleri.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 94BF 6 KB
3 KB 100ms
29ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 09 Jul 2023 00:40:56 GMT
expires: Mon, 08 Jul 2024 00:40:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5e73154be4b0016313fa90d5 Show response
ng.virgul.com/tck/imp/ Frame 0634 0
212 B 61ms
61ms Script
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/tck/imp/5e73154be4b0016313fa90d5?userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&sdr=&et=&r=154248@site_geneli@nefisyemektarifleri:site_geneli&mt=1688863256324&l=&info=&t=cpc_annotation&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&os=
Requested by: Host: ng2.virgul.com
URL: https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ng2.virgul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ng2.virgul.com
date: Sun, 09 Jul 2023 00:40:56 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5e73154be4b0016313fa90d5 Show response
ng.virgul.com/tck/imp/ Frame 3712 0
212 B 61ms
61ms Script
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/tck/imp/5e73154be4b0016313fa90d5?userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&sdr=&et=&r=154248@site_geneli@nefisyemektarifleri:site_geneli&mt=1688863256324&l=&info=&t=cpc_annotation&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&os=
Requested by: Host: ng2.virgul.com
URL: https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ng2.virgul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ng2.virgul.com
date: Sun, 09 Jul 2023 00:40:56 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6EA5 603 B
218 B 77ms
76ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688863256512&bpp=4&bdt=864&idt=219&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&nras=1&correlator=4770005594451&frm=24&ife=1&pv=2&ga_vid=21520935.1688863256&ga_sid=1688863257&ga_hid=2011909801&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075643%2C44785292%2C44788442%2C44796479&oid=2&pvsid=1674499439926752&tmod=1383711997&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.w36ovlukm9ku&fsb=1&dtd=234

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=www.nefisyemektarifleri.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 09 Jul 2023 00:40:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 t.js Show response
bitbeat7.com/ Frame 0CCF 65 KB
18 KB 102ms
28ms Script
application/javascript 18.66.147.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bitbeat7.com/t.js?i=spt4ntkb5q5ru2l99px&cb=0178001688863256748
Requested by: Host: ng2.virgul.com
URL: https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1688863256559&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&vmn=5e73154be4b0016313fa90d5___15424862886202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-114.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82ee1e40c5621a84f4cd861d9d7212c7bb94ffde5bdf1bc8cb1f4e32dff9c4e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: zOoo2_h9TaVhAd990YG88tzvCQTcR.0W
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
date: Sat, 08 Jul 2023 02:02:19 GMT
last-modified: Tue, 27 Jun 2023 15:35:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81518
x-amz-server-side-encryption: AES256
etag: W/"cd7dd170485b6d0fa6991dfd6c25d426"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: eRFg8dlFf6n6YzJ1lED5HiyDtQERnUJECuWw83LODCxCm8lztB96kA==

GET
H2 200 t.js Show response
bitbeat7.com/ Frame 92DF 65 KB
18 KB 106ms
33ms Script
application/javascript 18.66.147.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bitbeat7.com/t.js?i=spt4ntkb5q5ru2l99px&cb=5412701688863256749
Requested by: Host: ng2.virgul.com
URL: https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1688863256559&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&vmn=5e73154be4b0016313fa90d5___154248628862022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-114.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82ee1e40c5621a84f4cd861d9d7212c7bb94ffde5bdf1bc8cb1f4e32dff9c4e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: zOoo2_h9TaVhAd990YG88tzvCQTcR.0W
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
date: Sat, 08 Jul 2023 02:02:19 GMT
last-modified: Tue, 27 Jun 2023 15:35:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81518
x-amz-server-side-encryption: AES256
etag: W/"cd7dd170485b6d0fa6991dfd6c25d426"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _tXMokWf3GCxit8e_lR1aS1r7oVptLA2_deVOpmYekzaGcZXbrPsXw==

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame 9F38 7 KB
3 KB 377ms
71ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19547
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sun, 16 Jul 2023 00:40:57 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame 9F38 0
222 B 70ms
69ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688863256783&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=153995@153363:nefisyemektarifleri&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.12053732107014059
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:56 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 zoneview
ng.virgul.com/ Frame 9F38 0
222 B 70ms
69ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688863256784&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=155307:nefisyemektarifleri&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.0034205551870643003
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:56 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 zoneview
ng.virgul.com/ Frame 9F38 0
222 B 70ms
69ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688863256788&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=153218:nefisyemektarifleri&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.15500297843739919
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:56 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 zoneview
ng.virgul.com/ Frame 9F38 0
222 B 70ms
70ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688863256789&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=153260:nefisyemektarifleri&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.4710866659140436
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:56 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 421D 0
58 B 24ms
23ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.nefisyemektarifleri.com
Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.nefisyemektarifleri.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 09 Jul 2023 00:40:56 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 tag Show response
feed.pghub.io/ Frame A224 13 B
257 B 116ms
40ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Sun, 09 Jul 2023 00:40:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 unfriendly.gif
bitbeat7.com/p/ Frame 0CCF 0
350 B 156ms
156ms Image
image/gif 18.66.147.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitbeat7.com/p/unfriendly.gif?i=spt4ntkb5q5ru2l99px
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-114.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
x-amz-version-id: EE9hgHBeXFHY2gb85mUsL1p1qwyR4gS_
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 17:22:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Ax7QavlMl1extUwHhHZbNAsPTuDsHsM-vfINDK19LwFh-U0J14EPLw==

GET
H2 200 300x18.png
placehold.jp/24/cccccc/000000/ Frame 0CCF 2 KB
2 KB 1763ms
291ms Image
image/png 160.16.238.49

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placehold.jp/24/cccccc/000000/300x18.png
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 160.16.238.49 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7876391f25f26ccf3297d78d34a1922dcc16c54fcaa51e8622e90bbc6fc96e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
cache-control: max-age=31536000, public
last-modified: Wed, 01 Jan 2020 00:00:00 GMT
server: Apache
age: 65007
content-length: 1772
content-type: image/png

GET
H2 200 unfriendly.gif
bitbeat7.com/p/ Frame 92DF 0
349 B 152ms
152ms Image
image/gif 18.66.147.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitbeat7.com/p/unfriendly.gif?i=spt4ntkb5q5ru2l99px
Requested by: Host: bitbeat7.com
URL: https://bitbeat7.com/t.js?i=spt4ntkb5q5ru2l99px&cb=5412701688863256749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-114.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
x-amz-version-id: EE9hgHBeXFHY2gb85mUsL1p1qwyR4gS_
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 17:22:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: MjGQ0XP-wO2qfncGKF5BLPHvof6jlcKM3PsL6ANS-Av1CehzEorLCw==

GET
H2 200 300x18.png
placehold.jp/24/cccccc/000000/ Frame 92DF 2 KB
2 KB 1758ms
291ms Image
image/png 160.16.238.49

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://placehold.jp/24/cccccc/000000/300x18.png
Requested by: Host: bitbeat7.com
URL: https://bitbeat7.com/t.js?i=spt4ntkb5q5ru2l99px&cb=5412701688863256749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 160.16.238.49 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7876391f25f26ccf3297d78d34a1922dcc16c54fcaa51e8622e90bbc6fc96e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
cache-control: max-age=31536000, public
last-modified: Wed, 01 Jan 2020 00:00:00 GMT
server: Apache
age: 65007
content-length: 1772
content-type: image/png

GET
H2 200 container.html Show response
e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0699 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 09 Jul 2023 00:40:56 GMT
expires: Mon, 08 Jul 2024 00:40:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0699 8 KB
1 KB 98ms
32ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jul 2023 00:34:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jul 2023 00:40:57 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 0699 15 KB
3 KB 89ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 18:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 18:51:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 0699 371 KB
127 KB 90ms
22ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 10:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 10:39:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 0699 20 KB
9 KB 88ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:10 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0699 24 KB
7 KB 90ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 12:02:51 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9F38 344 KB
119 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02e7535563110e913669c43b9233db020deb9a4b0eaff84ab9de1b55b8ad21c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121444
x-xss-protection: 0
expires: Sun, 09 Jul 2023 00:40:57 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 9F38 398 KB
128 KB 77ms
77ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sun, 16 Jul 2023 00:40:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9F38 107 B
165 B 29ms
28ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nefisyemektarifleri.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9F38 127 KB
42 KB 454ms
453ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1674499439926752&correlator=3091678647078100&eid=31074650%2C31074947%2C31075338%2C31075340%2C31074825&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240&fluid=height&ifi=3&adks=1855900369&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1688863256324%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnet13e653e2-9c07-45f2-b274-9cafc9d81d31%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnet13e653e29c0745f2b2749cafc9d81d31&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1688863257180&lmt=1688858573&dlt=1688863255648&idt=909&adxs=1300&adys=159&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ji6usg9iqapf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=0x-1&msz=0x-1&fws=900&ohw=1600&ga_vid=21520935.1688863256&ga_sid=1688863257&ga_hid=2011909801&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3625ea6f0ae28d039eaa7d379f304d45f396f9c6bcddcb3724ffd59faa690ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42636
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nefisyemektarifleri.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9F38 83 KB
23 KB 491ms
490ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1674499439926752&correlator=2501986943146685&eid=31074650%2C31074947%2C31075338%2C31075340%2C31074825&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_sidebar_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C160x600%7C120x600%7C300x250&fluid=height&ifi=4&adks=1631017644&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1688863256324%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnet13e653e2-9c07-45f2-b274-9cafc9d81d31%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnet13e653e29c0745f2b2749cafc9d81d31&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1688863257184&lmt=1688858573&dlt=1688863255648&idt=909&adxs=972&adys=1436&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=b30np3cvoyeu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x600&msz=328x0&fws=388&ohw=300&ga_vid=21520935.1688863256&ga_sid=1688863257&ga_hid=2011909801&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e172c259c4e34fdaf39a013cc389a24f90d59cacdf6536f2e92a1e3a6e7eccbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 280300
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23303
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 429223
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nefisyemektarifleri.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9F38 40 KB
16 KB 517ms
516ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1674499439926752&correlator=4449247817469201&eid=31074650%2C31074947%2C31075338%2C31075340%2C31074825&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_tarif_gorsel_en_alt_610x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x180%7C320x250%7C468x60%7C336x280%7C468x280%7C600x200%7C640x205%7C300x100%7C320x100&fluid=height&ifi=5&adks=3546791932&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1688863256324%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnet13e653e2-9c07-45f2-b274-9cafc9d81d31%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnet13e653e29c0745f2b2749cafc9d81d31&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1688863257187&lmt=1688858573&dlt=1688863255648&idt=909&adxs=486&adys=6403&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ibwzxj4xtjmn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=621x0&msz=656x0&fws=388&ohw=641&ga_vid=21520935.1688863256&ga_sid=1688863257&ga_hid=2011909801&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be0ea84c0a3e0441d58b3f2c4178347ef79f45543aa300b8d1006c8ea39b24db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16396
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nefisyemektarifleri.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9F38 125 KB
40 KB 529ms
528ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1674499439926752&correlator=165654463734262&eid=31074650%2C31074947%2C31075338%2C31075340%2C31074825&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240&fluid=height&ifi=6&adks=4169634498&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1688863256324%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnet13e653e2-9c07-45f2-b274-9cafc9d81d31%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnet13e653e29c0745f2b2749cafc9d81d31&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1688863257191&lmt=1688858573&dlt=1688863255648&idt=909&adxs=140&adys=159&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=jyqfywxnt2fl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=0x-1&msz=0x-1&fws=900&ohw=1600&ga_vid=21520935.1688863256&ga_sid=1688863257&ga_hid=2011909801&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f4c7f9d84c397947c6ac90a5e4f8cb251afd266e8ffa727cde8975e3b783c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40819
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nefisyemektarifleri.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9F38 56 KB
13 KB 369ms
368ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1674499439926752&correlator=8463748897484&eid=31074650%2C31074947%2C31075338%2C31075340%2C31074825&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x250%7C728x90%7C728x50%7C600x200%7C640x205&ifi=7&adks=1581849759&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1688863256324%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnet13e653e2-9c07-45f2-b274-9cafc9d81d31%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnet13e653e29c0745f2b2749cafc9d81d31&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1688863257194&lmt=1688858573&dlt=1688863255648&idt=909&adxs=315&adys=284&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=qj51oavrqeo3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=1600x-1&fws=388&ohw=1600&ga_vid=21520935.1688863256&ga_sid=1688863257&ga_hid=2011909801&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94cd90bf2dbf4193f0c22cb7bcb64f0c5539857c403549d8ef6eef6fd058b3fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13645
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nefisyemektarifleri.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9F38 58 KB
14 KB 503ms
502ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1674499439926752&correlator=1075280068336447&eid=31074650%2C31074947%2C31075338%2C31075340%2C31074825&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_malzemeler_yani_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C160x160%7C300x100&fluid=height&ifi=8&adks=1562665157&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1688863256324%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnet13e653e2-9c07-45f2-b274-9cafc9d81d31%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnet13e653e29c0745f2b2749cafc9d81d31&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1688863257197&lmt=1688858573&dlt=1688863255648&idt=909&adxs=643&adys=1989&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=384mkdwb15kk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x-1&msz=308x-1&fws=388&ohw=300&ga_vid=21520935.1688863256&ga_sid=1688863257&ga_hid=2011909801&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bdd101f8bf9c73d54cfae7eca6016be98e6372257ba48a7d33d1fcd27eb4825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13836
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nefisyemektarifleri.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0699 0
234 B 431ms
141ms Ping
image/gif 2607:f8b0:4008:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ljupktcl&c=5045136992859&slotId=2522568496429.5&qqid=CNr2-fOxgIADFQz-dwodANwJ9Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:814::2003 Riverview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0699 15 KB
16 KB 80ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 27402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0699 15 KB
15 KB 84ms
30ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 76230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0699 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CvGvCGAKqZNqKL4z83wOAuKeoD_7T969czs-92OoCwI23ARABIABglYKAgMgHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQXgAgCoAwHIAwKqBLMCT9AncRy7X2mhya9eHz__Gf9TSnScGLe8a53Z53CD-k1PoavG770ttd09_P21yo-Du_a1lKRDKhzuj4UO-fdthIVQVX5bev6mS-_PCJrtUn__S7SyxSOAeweOfSjcS530Fw-PldpPQtxwzuaq8m1Cn9492erCPB8fZdEqjg7D7bBiyqRvdXnR4vUIeEy_oYCt7Mf7ry3k-MLGiAR_XmYZX9YEqETlAa0IEEv7doOy7d5heJltfvHdE3PB8Vg-quPC6L8NOcCZ4YN6qh3hlIWlSOGTtycvly81BnvnluDFQA4xVCVMZ_B6WHx7uSYMYVDmfCazn2clhAjcWW7EweUnoAXgloXHBuT4ZlEIkQS6MtPdKaWGJIG5vxA2T3cPWW2WSsaB_sYtoMdZdXEjQWoIXRNjzeAEAYAGibfA_vS0426gBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYxNDU3NjA5ODQyODMxMzP6CwIIAYAMAdAVAYAXAQ&eventType=clickstring&clientTime=1688863257247&ai=CvGvCGAKqZNqKL4z83wOAuKeoD_7T969czs-92OoCwI23ARABIABglYKAgMgHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQXgAgCoAwHIAwKqBLMCT9AncRy7X2mhya9eHz__Gf9TSnScGLe8a53Z53CD-k1PoavG770ttd09_P21yo-Du_a1lKRDKhzuj4UO-fdthIVQVX5bev6mS-_PCJrtUn__S7SyxSOAeweOfSjcS530Fw-PldpPQtxwzuaq8m1Cn9492erCPB8fZdEqjg7D7bBiyqRvdXnR4vUIeEy_oYCt7Mf7ry3k-MLGiAR_XmYZX9YEqETlAa0IEEv7doOy7d5heJltfvHdE3PB8Vg-quPC6L8NOcCZ4YN6qh3hlIWlSOGTtycvly81BnvnluDFQA4xVCVMZ_B6WHx7uSYMYVDmfCazn2clhAjcWW7EweUnoAXgloXHBuT4ZlEIkQS6MtPdKaWGJIG5vxA2T3cPWW2WSsaB_sYtoMdZdXEjQWoIXRNjzeAEAYAGibfA_vS0426gBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYxNDU3NjA5ODQyODMxMzP6CwIIAYAMAdAVAYAXAQ

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0699 0
54 B 416ms
142ms Ping
image/gif 2607:f8b0:4008:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ljupktcx&c=5045136992859&slotId=2522568496429.5&qqid=CNr2-fOxgIADFQz-dwodANwJ9Q&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.fl&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:814::2003 Riverview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 0699 31 KB
17 KB 146ms
65ms XHR
text/xml 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AS5AtQ7MYjHyrT7-LDll1TA8y6T0mRDpqvpCioPNVvpjGIeAewakBxEzTepPDdzQ3yeacXQAIkqx6Fa-CkANkUaDbayA&cry=1&dbm_d=AKAmf-B7y0rbeH6Zm-UgduxyZf8uw2F-wozWBDKdBEpByko1LjFvVPepWRJfY5n6ZOzScYNj9lgJ7oHKfycyzh7qXyd_AOfzDAwxs9f8DQoRg-E6HdjwlNXvClv_oC22sFWSQUgFOnI3KNEPqiKQ8sa4koWP304RqnTeTEDaXqp5O9qZpMCMIeUOTYwWReigIxZzX49anvebYkfVvIxWQiKq8g3exCiV31kDrpaAXaDaxI_zWnGeSvCsuV241ZYFra-jV8y4ahMUz9yIW2OxWRdHdPzA_AJ32c5ht6mvQ9QfHWP8IJWSm-LsZT-TF3w0aw0gTDBRHbH8OBGoNNVLNUyTtTrd1llGsjPg-Pd2VrRsaYy8ICRVi9GhtAS4s1dXT2GCz6RU59alc9KcneK2zPnXbSuUTdscth7gG0c8nY699GMl4tiw6qfCctcqVf7NxHJ_hmhFwhGXHF2XnEAKhucEWWzROEoEFM0BhRV300s-lR4e6qlkPsXDIoEZoM_-bq7Zajz3CD1aQJy0efOQXcCg6mJmY5q4XP4sFEBQQfGmqIKMa7H9Yn1JXb7MQ8jIX2xnUfkZnH9-5gGxm1A3hyjEXJPuKOwYKnNDumLD-2QUWkwAA59eTwVxXlGCiRXeHA0Lwu3MP6_jKJiIDBDBqAF3XEX2f7TwrXNUNEx2ARNp6b6maqcLBA8Zjmv-Q7Aiz5WrYSLk169VBB7tylSjQ84PaOjQXIU4Xh4gHogTIUjGdW27g3_OgzbdNeXVvPebYWMFHnRHRRJM7xMEPrAOvxEn02rpVGnG9cPm6D6z65b1Opr8gKd8S5tqhKn_ceXRDmTb11P61jvjzlUatkruEXwrI_kWUaHenN3shY6qRwLWmByky_dsT9HZiw52g2JsNjv_C_F_bgDDPAEBJzG2jfIK44EJqR6MkC9rGGOclRqrfABJxTZ2t44H-rglE99YkRfojswdTNZlnts-HqLQbAneGOTCbWjmsLOWh875YB4_0QRv90y9E38zJ0QauMw2BH6k8FYoCzmqmwpWKxiaKq2CxnSNaBhwNCIohIWRd76Hj_5_9RPb1ACPwbVDaOo6SRtI9C7rAJ2UB4BqJx-JUqatw1wOY-HtMKQnwzYw-2C1NI4xWbf5Y7GiihAJppgheySTb96WKyYE8k2GaX_c9ZGMmTAjLQmWhYDIovP7rSB7C_m60_Xxa1G95Zjk3mUCaYLRmSblpnrDJI-b1kAo-d2COU72Fn6K8Owe_7rt6AoZ4D6qXyVv3TdbiNRyJAKwgi1EMS3uSvZ6r8a2jDQGeFKIWELdNpYZwLu8Hjb7ts97cKFplrcuvXeRw5u3Gkk3l0KY9CDlCihtgJ6gWJiJIjaKa1oEWcsjgwEnIGft1SL1StbbyJF-1HdBJ1vSuuJVXl6lbh0SDCJ2T2p_qfSmt4DkfFpLu1olD-uXSTurChbZV8dKblkAtfwAQSaa5puwZuQP7DD0UWjRJ-uwUC9zNLFtZnI6EXGfVY4mIVbsclc2igSJv8EouVUQQ-vrBBbgEGJz3bl9qulKJ7-fDrqK7TzzHEk4McHrn8lvnrkhzWWWuC65CMjSAF1PptNTUT8-2zae0VQAOStlcyOHdk5sgHQkhSt2D9fygKIt6EHIgdgzOlMREn7UF7tdl4A4F-9-qOxLugziIqLpLEu_WIV9ozdUJzRLfTdUErY4iFPPnyQSohbUWLx1xxnvGz3U2gJPTaZhEr_ij9hZE9DQIAwQ3bYeS0ggiiNFG-ubfT6x_r97e64dySAgdBnapW8OhKE_sfCcpujXMrEvGkq1mDE9CaMxb-U1Iz_iHJQqvRxhie3Ljtr6CztwYE4cSEfDe_1N1ELCaUZKY1Jg2MYocRVMxH9NETjzjBPYDlqksyHW4hAqEI67ayVV3y-0fghdDufya6nELJ3SRt66oGLgelKsGcVHqEYXti8IpzLATx3RloYBi6hNJvMwmzciIefn9xqp36dbOZhQ3UUi5E7xLV7ZVZQQBPdigRoyBZKd4gCCAt3ccjPKDm-qw55Fe-oq9-SK09oMqHhhsAyrYCM3Y-Y_N2_2twES_MEK0sCtJexWCWBbPwi7-s9lktsPSC5_PnaLg-Dg2MltLWM8ekUGWBJ5ib68XXf7Jqc2lhc4zP6v_rpb18p2h5r6_ezxV2TqxXjjql8w_CGhz8f7iSwaXBtT6hqqOCGl6OOR0VJ5RAPlRDt_ftKpX0BT_JmH3PyMRPA_OJhjl9CQhb9CrWJEtOswsGh-786FzLU-EDvkMe2Z-_ZLx_eYCYT9qrK60ds8BHf1GS5ynbORmAwDGcyTfgZ7RQtcUJTDRKiuZiMtgyVFDYnanPiqqCETfGVYiommu2dkOLgJbdDLiuTok5Gd7eDVay53lKfIxc87mFEWgqV5X2uodQu1Fv55Bsr3UQhiPgwzpJKzHW41D2i1x7Mc6bb1EBUPU4WZlJyDzZkEuiwvU2josFhVMHEbrpZPVGcueWyVnD-ehJI6HeO8Fcubbrw7G_5cxgFL9b2FYOSO18qeS7kpAds78gDo4DuZIfqmLAcK4lTtyxLHXC8B0bKFxhjMmMUdFtXijdAkZW9wuODkl6qGZzJJx66lItmp8NmMofAfNuvGIYCRHTDKuqNc8TQTwC5Bg_NQF6tShxnoMOULEsUYF4Dsh9bnr3W6xMkILsmnquuMSSVTO38X_6UjKoAYi9_p_1Wcrn6ZKlHbKdZdQti3VcU4klJvSKFjcjeWS27iJHpjoRYmhz_xNAUo20gTmYd0m55wUpDfZ_D7ABu3VE8qCBoGDyqDGEyYHIYCOdC90HTJv3T-_RyTE9VNqIHOkewUuKsdbIs8Xz3fG3A8Ki4YdcdITSxBYgT4h0azlAjLC9H5iaNVoFlQRzkrXXe4J5RSzCdWUJZ3BLnVWGW39TZWLJQTFwWTBSiNohjcKc7BibP-SyRzpMpdJOeaqhM897SQUDQyMfuyHwAu5m9ZH4VSwbr9JA8yBwFRVn6pVbVXIv759jts8p7OBDVetWkm_LbXZ5dg54cxxDZ9FIiHrJe9UCsmejUF2mPREeVnxTs60i1Hf6aV9UTsgls33f778eBvo8Y-XBFKIM_BqmfHo4wtMTNiOcVztG7CtWlKwSrM2JPLVcVRo6ZFdOHsY5OVCyzXUDA5hTfFZ2hD0ycYE2sJ3rZOkxLwpYu7fWvUqnT__F2QA5Ymsl6ThZGOsmnYDUS3dExNr_ZEe3QNK3S5cWZEL1uzJXcs17lcRCdpCkfJ5CJVAnEK7pBR6HmLEZwvRDkHG6tdlKk2crcIRq6r76Z83SRI0exkr8ppTz0L9bATvp0UfymMlLSMaVumQ36_zbeQvgsWUefI-0pWaco3FHLu8KixDdTQMaeN0s2hJqDeoCVwAbujnVWHKFecuSLU-KnlPAhL7jO_hxjsk1aB-8FIYCxF6OywYsKEBVXteo3T54fyWZtg41iqQbVr41RBzoc4UJmTktih7qJ85eSF3jqmD1lSIl8t7M7yOlK9C_ifSZdlpobXaQLWFkQKE7wZ9ALd7gx2qB5KYSvDKe7f7Wl5MGYRYgdq1TLcXmDd4-muY3nsZVPd2sEk7vqXVu3cSyvFdU04-TthEl3PcJLflmXpk8FnEQp5voJI0n7HdbAWdOMLKFgnVO5tNAc-9xyO6p9o-81T4axPqe-mJCUM7w9jWkF66CISL3o&cid=CAQSGwBygQiDHmpkc9VfkF3IWcO5bl5bFV59b6bbkhgB&pr=8%3A4BC21F4630DB6FA5&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f156.1e100.net

Software

cafe /

Resource Hash

bb18af60192870daa88455c18c62bfcf294e61a63bd48f1a754905f39ad6c817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17049
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0699 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f2cea2ce8e18b163bc9f8f326eebb51f4b2436a5b7afac412330bbaf0e9581c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0699 0
0 59ms
58ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C89lUGAKqZNqKL4z83wOAuKeoD_7T969czs-92OoCwI23ARABIABglYKAgMgHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQXgAgCoAwGqBLACT9AncRy7X2mhya9eHz__Gf9TSnScGLe8a53Z53CD-k1PoavG770ttd09_P21yo-Du_a1lKRDKhzuj4UO-fdthIVQVX5bev6mS-_PCJrtUn__S7SyxSOAeweOfSjcS530Fw-PldpPQtxwzuaq8m1Cn9492erCPB8fZdEqjg7D7bBiyqRvdXnR4vUIeEy_oYCt7Mf7ry3k-MLGiAR_XmYZX9YEqETlAa0IEEv7doOy7d5heJltfvHdE3PB8Vg-quPC6L8NOcCZ4YN6qh3hlIWlSOGTtycvly81BnvnluDFQA4xVCVMZ_B6WHx7uSYMYVDmfCazn2clhAjcWW7EweUnoAXgloXHBuT4ZlEI0waaoAZGwpEtz8IEaw6Ps8AzcWS4UmYqMtiUVnlHWWn0_pk89uAEAYAGibfA_vS0426gBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYxNDU3NjA5ODQyODMxMzOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=C1TrGjkgHNQ&uach_m=[UACH]&cid=CAQSLQBpAlJWYuUO3UgDkafMKVTkgOcTbySrMDffiOdRCfunMk5yxQ6zeTowPkDZFxgB&vt=10&cbvp=2&vis=1
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 0699 0
54 B 255ms
141ms Ping
image/gif 2607:f8b0:4008:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ljupktdc&c=5045136992859&slotId=2522568496429.5&qqid=CNr2-fOxgIADFQz-dwodANwJ9Q&fb=outstream-lima&vast_v=3.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:814::2003 Riverview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 0699 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 17:15:18 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 0699
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399257/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399257/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

100ms
24ms

Fetch
video/mp4

2a00:1450:401e:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/76AAA79C0BE562E47AE9304AB1B046EE6C927448.4905A3BFEFD13B0C9CABFEB849D004F357A7FE7B/key/cms1/cms_redirect/yes/mh/xb/mip/2001:1b60:2:240:3247::4/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1688862767/mv/m/mvi/2/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:401e:28::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 09 Jul 2023 00:40:57 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2220696
Last-Modified: Fri, 07 Jul 2023 14:34:05 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 09 Jul 2023 00:40:57 GMT

Redirect headers

date: Sun, 09 Jul 2023 00:40:57 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
location: https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/76AAA79C0BE562E47AE9304AB1B046EE6C927448.4905A3BFEFD13B0C9CABFEB849D004F357A7FE7B/key/cms1/cms_redirect/yes/mh/xb/mip/2001:1b60:2:240:3247::4/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1688862767/mv/m/mvi/2/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 print.css
mn.nytcdn.com/wp-content/themes/nytheme/ Frame 9F38 1 KB
1022 B 32ms
32ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mn.nytcdn.com/wp-content/themes/nytheme/print.css?1680961699

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47d8199865dfcfbad460b752d8a5ce4b85dfdf3f46d2d1bc3ef1715909caed5e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4560
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Mar 2022 06:41:39 GMT
server: cloudflare
etag: W/"623c12a3-58e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URItGV9Foq96yLM5g12MGCAjb%2FlQWQ5KOn65e3QfSss4qMvndwwEjhYWylWYP%2F3qu8QuXd4AKPZFzmIoC%2FRvEjLUh7vAQPYyTCCq4JeyeumFPofPwtwz8aoGsTIKEQmjnwkyThpOBUK3J2FY"}],"group":"cf-nel","max_age":604800}
x-varnish: 908092582 908289460
content-type: text/css
access-control-allow-origin: *
x-abc: s3
cache-control: max-age=14400
cf-ray: 7e3c84bf3e5e9bf5-FRA
x-nyt-cache: hit cached

GET
H3 200 wp-emoji-release.min.js Show response
mn.nytcdn.com/wp-includes/js/ Frame 9F38 18 KB
5 KB 30ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mn.nytcdn.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1429
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 May 2023 13:12:05 GMT
server: cloudflare
etag: W/"64662425-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yygkBWjXQT4Xa05LrACmeTTCKjVbjAI9pmXkA8xDljgCdsx4z0fp1y8V8eKBfbJ1bGMTQ0v17033%2B4UUta4DVIpCxqmjgBHO0MRCV9PRrKH53ZQVJ08kadfthgY0Womp4%2BPGQQQPQ%2FlMWyq7"}],"group":"cf-nel","max_age":604800}
x-varnish: 102338829 101907530
content-type: application/javascript
access-control-allow-origin: *
x-abc: s3
cache-control: max-age=14400
cf-ray: 7e3c84bf5e6e9bf5-FRA
x-nyt-cache: hit cached

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9F38 15 KB
12 KB 37ms
37ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0314d7ab2bc19fbc234a2399a3c0d0d763649799ad6b166c222c6493ce1c79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11735
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9F38 344 KB
119 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02e7535563110e913669c43b9233db020deb9a4b0eaff84ab9de1b55b8ad21c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121444
x-xss-protection: 0
expires: Sun, 09 Jul 2023 00:40:57 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 9F38 398 KB
128 KB 75ms
74ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sun, 16 Jul 2023 00:40:57 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 391D 23 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 278113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 19:25:44 GMT
expires: Thu, 04 Jul 2024 19:25:44 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F38 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 00:40:57 GMT

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 391D 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 06:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 06:31:30 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame BFDE 222 KB
61 KB 90ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 17:10:51 GMT
age: 286206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame BFDE 15 KB
5 KB 147ms
81ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jul 2023 22:13:03 GMT
age: 181674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jul 2024 22:13:03 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame BFDE 94 KB
28 KB 138ms
72ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:55 GMT
age: 289322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame BFDE 5 KB
2 KB 138ms
71ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 289313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame BFDE 40 KB
13 KB 133ms
67ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:58 GMT
age: 289319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BFDE 14 KB
1 KB 33ms
32ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 23:22:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jul 2023 00:40:57 GMT

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BFDE 3 KB
3 KB 23ms
22ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 15:32:50 GMT
x-content-type-options: nosniff
server: cafe
age: 32887
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Sun, 09 Jul 2023 15:32:50 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BFDE 344 B
368 B 23ms
23ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 20228
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sun, 09 Jul 2023 19:03:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BFDE 0
0 93ms
32ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKrdrNcs3LE6rg4qQ6OOJIPQeIYO2w6axaQFHa5cdqnkMtZTfWBfnFjpZ6UXWYYVFp-8F-4F-TCk_iRmZwzxTvfEADSg
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BFDE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70460193365617fd3ac5ce9553db7851827830545f8e053c28c727746fff4842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5e25888d6f82ad050a0138d8
ng2.virgul.com/tck/imp/ Frame 9F38 0
222 B 66ms
66ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5e25888d6f82ad050a0138d8?g=1&t=gb&r=153183@site_geneli@nefisyemektarifleri:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:57 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9235 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 19:47:00 GMT
expires: Sun, 07 Jul 2024 19:47:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ABA8 783 B
1001 B 72ms
35ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dd5ce63c1c040faef7b77ac6b9d94224ff31c44f2e758d6ef565bcfd378847c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HTk6C16D58VbEo-rgQILrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-HTk6C16D58VbEo-rgQILrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 09 Jul 2023 00:40:57 GMT
expires: Sun, 09 Jul 2023 00:40:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BFDE 33 KB
33 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nefisyemektarifleri.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 365500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 19:09:17 GMT

GET
H3 206 file.mp4
r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 0699 2 MB
2 MB 51ms
25ms Media
video/mp4 2a00:1450:401e:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401e:28::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9b279f62d8ab632481b6d6fda4c49c8b9ee7fd77988c13e4b8baa7007d37b10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 09 Jul 2023 00:40:57 GMT
date: Sun, 09 Jul 2023 00:40:57 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2220695/2220696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2220696
last-modified: Fri, 07 Jul 2023 14:34:05 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9235 37 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 06:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 06:31:30 GMT

GET
H3 200 container.html Show response
e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A34 6 KB
3 KB 26ms
24ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 09 Jul 2023 00:40:56 GMT
expires: Mon, 08 Jul 2024 00:40:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FBE7 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 09 Jul 2023 00:40:56 GMT
expires: Mon, 08 Jul 2024 00:40:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame 2528 222 KB
61 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 17:10:51 GMT
age: 286206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 2528 15 KB
5 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jul 2023 22:13:03 GMT
age: 181674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jul 2024 22:13:03 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 2528 94 KB
28 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:55 GMT
age: 289322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:55 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 2528 5 KB
2 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 289313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 2528 40 KB
13 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:58 GMT
age: 289319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2528 6 KB
706 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jul 2023 00:25:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jul 2023 00:40:57 GMT

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2528 3 KB
3 KB 25ms
24ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 15:32:50 GMT
x-content-type-options: nosniff
server: cafe
age: 32887
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Sun, 09 Jul 2023 15:32:50 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2528 344 B
368 B 25ms
24ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 20228
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sun, 09 Jul 2023 19:03:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2528 0
0 37ms
36ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0B6xdt1Qm5JDcjy--thH9zZ96mh_UsA2US3SZXepG2VQKbga9DjVuxJ0XMwzwR8XfAE9wizM5Z4bE_LTxX56L92U90g
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2528 0
0 68ms
67ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJLmTGQKqZNXVEL-pjuwPkP2AqAi_-IbGcer81v7tEdDmhZ2RDhABIMCygmtglYKAgMgHoAG_n7DNKMgBCakCtmvPTG1msj7gAgCoAwHIAwqqBKoCT9DWmWlGWcWyDYx7iCo5wti1MZueIPwxQpkDAbUqm1-ANXAvRmMsghJL1Yy1rtDe9SBdLmJVs1dR0JAVPvW73hxaOn0p4-0K_Bz_JBpYt7Tc2ckZ8V6mK8GXDYiyNOjic9zJfJ8dZE5sklWBGPFL9Q1OLZhg8Uabp0I2fw95wwjiG7D4HYV30GBW0jHF1RmwIJNQPAhYlxNsYovDqzxVzhn4dRgbAtDxAhTQ6LDMdYcihxffg7s8OIBPLBUNVGxveUyW0E5leWCqPsn_PsfTaO-hX_w7WbQksgWfGUUKZm9f-wqXxhUh8kiqrNq8EwlKZ7qOZx56aVkDwcdkmRsIkpp2IycnRZmLj74N9NJglA8bnJNejECg8TGbH68be2YT9ayW20cRzur3NsAEodPp1JsE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_XgK0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQmZAB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNjE0NTc2MDk4NDI4MzEzM4AKA8gLAbgT5APYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=Z2t5PgR1Pig&uach_m=[UACH]&cid=CAQSOwBpAlJWo8obbOZ-qAvrpimygF0LCbN11-kQy369wtpbBDoxp5yo_nJDrK2tHiYqNQRO-5YAG4EE5j6LGAE&template_id=484
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9566760328412470139/ Frame 2528 13 KB
13 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9566760328412470139/14763004658117789537?w=400&h=209

Requested by

Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce1f77892412721157337d3b66628b2defbed37fdc1cac935fda4155e34b9417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 13:12:52 GMT
x-content-type-options: nosniff
age: 300485
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12832
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 12:38:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jul 2024 13:12:52 GMT

GET
DATA 200
OK truncated
/ Frame 2528 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2528 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6053f47d2a9ed62ddef49dd170fcee1577cc6ccddf30f9875b55fa239a8f0483

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bridge3.579.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1E02 711 KB
227 KB 26ms
26ms Document
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.579.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06a4f350efd2f7070d82b804276d816dee436bc13c2d5cdd33960892090dbd17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 230507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 232615
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 08:39:10 GMT
expires: Fri, 05 Jul 2024 08:39:10 GMT
last-modified: Wed, 05 Jul 2023 14:52:34 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9F38 44 KB
17 KB 123ms
34ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 00:40:57 GMT

POST
H/1.1 200
OK 10710800 Show response
panel.izlesene.com/api/player/npm_nefisyemektarifleri/ Frame 9F38 1 KB
1 KB 484ms
119ms XHR
application/json 185.7.176.4
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://panel.izlesene.com/api/player/npm_nefisyemektarifleri/10710800
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.4 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: nginx/1.4.4 /
Resource Hash: ba1467a1a64c9c26660dfbe269f639545fec5ee6da13770ba5a1224178cb92b2

Request headers

Referer: https://www.nefisyemektarifleri.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 09 Jul 2023 00:40:58 GMT
Content-Encoding: gzip
Server: nginx/1.4.4
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 nyt-logo-duo-200.png
mn.nytcdn.com/wp-content/assets/img/ Frame 9F38 3 KB
4 KB 64ms
62ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mn.nytcdn.com/wp-content/assets/img/nyt-logo-duo-200.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3002e63c4d3d76bb53d4618f047d2c0a50b692602ea8d6f19ef19bd1dfade34

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:57 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3269
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Mar 2022 06:41:37 GMT
server: cloudflare
etag: "623c12a1-cc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uqcm%2B4i%2FjmyGTpQzBce3Ee5TJXjrbjgdhbmCL%2FKr3dwhNKYilKOlTCG0DYFpeZDelo6Zka2u%2FSTm%2BXeurXNxL%2FnZmppjHMn2o6x0DZjqMTsKs0UTzeRzMC444b%2Bb6tbX13xdzoHVDLY3YiJ"}],"group":"cf-nel","max_age":604800}
x-varnish: 806639393 797977566
content-type: image/png
access-control-allow-origin: *
x-abc: local
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e3c84c13fda9bf5-FRA
x-nyt-cache: hit cached

GET
H3 200 container.html Show response
e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 544D 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 09 Jul 2023 00:40:56 GMT
expires: Mon, 08 Jul 2024 00:40:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5FBD 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 09 Jul 2023 00:40:56 GMT
expires: Mon, 08 Jul 2024 00:40:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 0A34 2 KB
892 B 27ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 0A34 23 KB
9 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:18:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 0A34 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:47:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AB46 1 KB
643 B 27ms
27ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Sun, 09 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 0A34 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0A34 0
0 34ms
33ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwTgra05CHMUSh5d1TRYOXusqM92BENilEQMKliWTg8CTrTj6gnFVzTFQ7kFi2LIEC-f_5AVdSW1KyWIT4_SZGQcBx-Q
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A34 179 KB
57 KB 516ms
445ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jul 2023 00:40:58 GMT

GET
H2 200 5f03bef6f00b7a8cf9d43233a2aa7e67.js Show response
www.gstatic.com/mysidia/ Frame 0A34 33 KB
14 KB 85ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5f03bef6f00b7a8cf9d43233a2aa7e67.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:38:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FBE7 8 KB
750 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jul 2023 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 23:35:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jul 2023 00:40:57 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame FBE7 15 KB
3 KB 25ms
25ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 18:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 18:51:49 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame FBE7 371 KB
127 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 10:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 10:39:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame FBE7 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FBE7 0
0 33ms
32ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrnQKYqUR0y7L1WfiPonCJcAQy8PFAHFSer9QAGw6-IyeEuFJVozWHMUQ-K91XWlprdLcoMxf7uy8aH34lutjUyEdaWg
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FBE7 24 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 12:02:51 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0A34 35 KB
36 KB 121ms
51ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT5QYNTelEdx4UI6hoNNaivPZuZRS3Z-aHhyYwM-ZcaphuOdW3W_JeTiAqFgsg&usqp=CAI

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3cdd75780a94938ccfcb51bfae2c4a6d208bdd4c0678ba656b5e0ac7f34ac1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:27:17 GMT
x-content-type-options: nosniff
age: 195221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36230
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 10:10:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 05 Jul 2024 18:27:17 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0A34 35 KB
36 KB 143ms
73ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR2PrBlp1VI-BVRLiuE_hijFvyrJIETL83gIMdyxUJqUJ4kwIIw7PNJnVBCGQ&usqp=CAI

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1247b5c869ddd4b96f796ad1180bc1198a6faef5abf4f20d610963e5d9eb99d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 02:02:12 GMT
x-content-type-options: nosniff
age: 81526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36267
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 04:22:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Jul 2024 02:02:12 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0A34 33 KB
33 KB 94ms
24ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTnakfl1kEW4jtSYucmyFfP64EEHtSyV8L8oAHrpXIPicl90QPa4bOFElk_o1w&usqp=CAI

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27897bc609e2bcb7e25d7114b3f1ec7bc2466209f9dbd2587eed662acdd70cac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 15:32:28 GMT
x-content-type-options: nosniff
age: 32910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33722
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 07:31:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Jul 2024 15:32:28 GMT

GET
H3

200

4339031254341182387
tpc.googlesyndication.com/simgad/ Frame 0A34
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbhv_nVhCkBhjJATIIT-U8H3K8tRU
https://tpc.googlesyndication.com/simgad/4339031254341182387

26 KB
26 KB

30ms
30ms

Image
image/png

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4339031254341182387

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f99bc745cc2417fc3b9fa7813042d516d77385fdbf5e95ef870f2c1afcec9b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 04:15:59 GMT
x-content-type-options: nosniff
age: 591899
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26440
x-xss-protection: 0
last-modified: Fri, 17 May 2019 07:40:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jul 2024 04:15:59 GMT

Redirect headers

date: Sat, 08 Jul 2023 18:55:32 GMT
x-content-type-options: nosniff
server: cafe
age: 20725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4339031254341182387
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Aug 2023 18:55:32 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2528 15 KB
16 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nefisyemektarifleri.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 27402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 17:04:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2528 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nefisyemektarifleri.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 33364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 15:24:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ABA8 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306290101&jk=1674499439926752&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BFDE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

36ms
36ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol: H3
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Sun, 09 Jul 2023 00:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 544D 5 KB
2 KB 130ms
28ms Script
application/javascript 2600:9000:2251:6800:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941&ciu=XRzTeTi6gk&btid=N0RCRDUwMkVENUQ3MUY5Mjg4RERDMUJFMEU2REI4QTV8R0ZBODQ3VlBIbnwxNjg4ODYzMjU3MzkwfDF8WG1FS1o4a2t0eHxYUnpUZVRpNmdrfC0xODI5MTcxNDk3X0VYfDE2NzMwfHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=nefisyemektarifleri.com&cip=1&hmt=1&uidu=CAESECkgz_uwSlieYE65Yln6pS8&spidu=GOOGLE&pidu=15222&hmpvu=93316644-050e-40a3-9c9f-adce697df8d7&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XRzTeTi6gk&

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:6800:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
date: Wed, 05 Jul 2023 23:00:36 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 265223
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: -o0M-08Z597UioSJmmIOHC_norUmALS6Wqxub5KGwLp44yptKlYgrg==

GET
H2 200 XassetkFJs3ny4.png
ads.w55c.net/t/d/ Frame 544D 38 KB
39 KB 126ms
33ms Image
image/png 2600:9000:2491:9000:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetkFJs3ny4.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=N0RCRDUwMkVENUQ3MUY5Mjg4RERDMUJFMEU2REI4QTV8R0ZBODQ3VlBIbnwxNjg4ODYzMjU3MzkwfDF8WG1FS1o4a2t0eHxYUnpUZVRpNmdrfC0xODI5MTcxNDk3X0VYfDE2NzMwfHx8fC4wUHxVU0Q&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941&ts=1688863257393&c=DE&r=TH&m=0&pc=06577&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9000:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d77fe1a9555985d6d3981209d00dbe2d28208cb42917322b57ec2f73b6e075b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: SLHuFXuOnpUf03k5jtH8203t4E1wMpAt
date: Sat, 08 Jul 2023 07:25:28 GMT
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 62139
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 38935
x-amz-meta-height: 250
content-length: 38935
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "b29dd6c8e5bad4c52ce4a5727083404e"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: MYMvVzdS2hVYUmnEfoiZGBAuYCaFOE5Ir9frqe8ywK1JgQS1SFHW2Q==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 544D 95 B
920 B 288ms
64ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=4737955162650563
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Indonesia, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 09 Jul 2023 00:40:58 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Wed, 06 Jul 2033 00:40:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 544D 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:47:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 544D 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 544D 0
0 32ms
32ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIr6roabvBgjALl94XzQdjA9clTFMe61qUemQnLot0Imjn5VrOmxN0YjPhVCxJ5-1TmUNk4x2OJ19B--xXv2OZTZ3_4w
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 544D 24 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 12:02:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 544D 179 KB
56 KB 397ms
397ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jul 2023 00:40:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5FBD 4 KB
632 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jul 2023 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 23:25:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jul 2023 00:40:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 5FBD 2 KB
898 B 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 5FBD 23 KB
9 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:18:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 5FBD 3 KB
1 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:47:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1C5C 1 KB
643 B 28ms
28ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Sun, 09 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 5FBD 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5FBD 0
0 35ms
34ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9IZv1j1ZIwjudMCuvULKyBWebRjEP3hYT3Cu6ZcBFBltRYxhUnyrv4xQ8mldbbkdkPxtx1Sn6G-R6aztmLxAiOp7jWA
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FBD 179 KB
56 KB 381ms
380ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jul 2023 00:40:58 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 5FBD 33 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 23:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 22:47:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 23:00:00 GMT

GET
H3 200 7847500916456011622
tpc.googlesyndication.com/gpa_images/simgad/ Frame 5FBD 101 KB
101 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/7847500916456011622

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb90e7e62356f01c39599caf410f7a3da61beabc98f984fe1c73cd54b64566f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 19:27:19 GMT
x-content-type-options: nosniff
age: 364419
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103651
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 22:14:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Jul 2024 19:27:19 GMT

GET
H3 200 6878694237294738737
tpc.googlesyndication.com/gpa_images/simgad/ Frame 5FBD 83 KB
83 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/6878694237294738737

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcd3ea17cbf6c1c1e8b723ac4013c9f23c5ec57085b27a38b3ac59f401890591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:54:12 GMT
x-content-type-options: nosniff
age: 110806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84958
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 21:23:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jul 2024 17:54:12 GMT

GET
H3 200 13149059963749450903
tpc.googlesyndication.com/daca_images/simgad/ Frame 5FBD 21 KB
21 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13149059963749450903

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9df9c8837f7ec64225d7a66e9fb9dee225d35004d57a7da1472fc1adb7a7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:00:43 GMT
x-content-type-options: nosniff
age: 42015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21184
x-xss-protection: 0
last-modified: Mon, 26 Jun 2017 02:20:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 13:00:43 GMT

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 5FBD
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

26ms
26ms

Image
image/png

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 20:07:59 GMT
x-content-type-options: nosniff
age: 16379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 20:07:59 GMT

Redirect headers

date: Sat, 08 Jul 2023 04:44:48 GMT
x-content-type-options: nosniff
server: cafe
age: 71770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Aug 2023 04:44:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 391D 0
20 B 65ms
64ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B9h68GQKqZODuFprKbffIvpAHAAAAADgB4AQC&bg=!w8ClwJTNAAb90kgr3dI7ADkAdvg8WkOGFe8-5N1m22QMrVJNSoB4IerQuaFVeNkE7dmR8PmzC9eD7PSBWrVkVagFH4PBkk-1CpECAAABllIAAAANaAEHmQMfKoofp7-ek-x_Q8YrE3GiYFBmlqtrzhl50td5w9Vg15-bssWOL3RfHFZKo8FqzJxP7k3X9TlM0cFOBtc_sQ6pBRu053mqiUQDbA61taVD3mndilCxEs6ULkvEpKjqPjFFNC2nevaMzQA722LA9nE-zqk18iYZP0DX29cfCsFrWRZ08kC_eQLpM3_bR1jzt4ZEMhW0GsOKNMvaz1RdwF1ots6QxHms54zB6YazJKQB6DmAFqnzRG_c3RZ9JqipswKZcVwPozz5zt3PmSFggzDug-9D9dBDY9c3mlDva3sk-B2lHn6bKZgajFdVbd_S5ivVZ8fAwd4y-o-QZUlMTOKWZ2R7cHexCkV2Ay-KybT49HvSV_AL3TJHkHZaTXFxjDDe0pzghuWWrmiF5i2CvLD7UPYRyxRM3c6yP9es3huW6aWbreYNnsO6aexTvqVXl38xNB2bEiDKU69qSnVocBzv0OmDiOtXHRetPVtoQlPmRXvx9c78g5TxNRCoUDzrxXi_eNwkJWpYwrMpAc8L5FYPH6ICLQqY3DgdCcERUpm_WBFCykt2X_4bzyyjSIIPxAH00en1pd3YM2Om-Ar5vaFvCObqGJbUBblMkpGZUpgrM6grFXsiFcnfLnJKQIe67b3PZRXELRBwoYxlhSiUVAAq90XGFEj56VZ19gzIIj-uvZNv0cTk4JhJOAqYtRCnTAzINqWK_pjkoFwtPKsoaimnUUF_eOLqHdHF9v9RneL-Sw9LRLml-0TEjPGAvyjvlmZbppnK2rnaNf_kfAt0dmrLVYUTNb-AM9d7JFSG_tvwaj-FVBgvL5LbJQ4JyRcEpsr93ZJLW-us1Nb6U4Fr-X_IN7Et0PG-u_v_uQtlAOXPjly54TU7W6G1eUQLl_O3BRQ0MoovhaEqEhZxjFgHNbg6HXJbOCg96ScS4Du82-bLSdx_yFw3Kr7PTN3mY4M-b4o-xnM1BNHMwAPZhnkW3K9o2gdjdyVB8HwPlNri2CbhH0A8OOQV6Bm29dtNNS-MRooCCdUFWhzD1C5v8qQjrO-yFFdZIIoVNYg60uZdtUC9UQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AB46
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECKn35cMYf8JYXjOf0PLlxQ&google_cver=1&google_push=AaAOQGErkTGGyxGFg0Cq3uh8aTwKgkzZ338koaV05B3_qWkpYEg6z4YzgpVLLBc0SmkqkXgueT5Phbesnl2m6DG52Q9rL6SBzdV_XQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMyNjM0NzA4NDY3ODkwNzMyNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMjbXoz9-86AYTSKejmloB4&google_cver=1

43 B
398 B

117ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMjbXoz9-86AYTSKejmloB4&google_cver=1
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMjbXoz9-86AYTSKejmloB4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame AB46
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGGdlEMF2zmppLirPelB5X8&google_cver=1&google_push=AaAOQGHMFJvDCMKV6EF7fhkrkEN4LVRChFNQ2vovrQFQxyVJodF4H0usJGQAddrzXp0Xjyn1VSoqLZ5X20u7xF6sfJc7w49kXeJUj...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGGdlEMF2zmppLirPelB5X8&google_cver=1&google_push=AaAOQGHMFJvDCMKV6EF7fhkrkEN4LVRChFNQ2vovrQFQxyVJodF4H0usJGQAddrzXp0Xjyn1VSoqLZ5X20u7xF6sfJc7w49kXeJ...

43 B
412 B

188ms
179ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGGdlEMF2zmppLirPelB5X8&google_cver=1&google_push=AaAOQGHMFJvDCMKV6EF7fhkrkEN4LVRChFNQ2vovrQFQxyVJodF4H0usJGQAddrzXp0Xjyn1VSoqLZ5X20u7xF6sfJc7w49kXeJUjQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHMFJvDCMKV6EF7fhkrkEN4LVRChFNQ2vovrQFQxyVJodF4H0usJGQAddrzXp0Xjyn1VSoqLZ5X20u7xF6sfJc7w49kXeJUjQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e3c84c5da529be6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 457
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGGdlEMF2zmppLirPelB5X8&google_cver=1&google_push=AaAOQGHMFJvDCMKV6EF7fhkrkEN4LVRChFNQ2vovrQFQxyVJodF4H0usJGQAddrzXp0Xjyn1VSoqLZ5X20u7xF6sfJc7w49kXeJUjQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHMFJvDCMKV6EF7fhkrkEN4LVRChFNQ2vovrQFQxyVJodF4H0usJGQAddrzXp0Xjyn1VSoqLZ5X20u7xF6sfJc7w49kXeJUjQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e3c84c459549be6-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB46
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBqqGiI99hcJugtxCk2O4kw&google_cver=1&google_push=AaAOQGG9FGj1WEZxX3XwgA_YpmYboMviQqFvs6fQH6JJN_p-RCmQvfriClrnNHLKIXETf0lIGEq7NnjOMgpGCmhsHGMi...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBqqGiI99hcJugtxCk2O4kw&google_cver=1&google_push=AaAOQGG9FGj1WEZxX3XwgA_YpmYboMviQqFvs6fQH6JJN_p-RCmQvfriClrnNHLKIXETf0lIGEq7NnjOMgpGCm...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG9FGj1WEZxX3XwgA_YpmYboMviQqFvs6fQH6JJN_p-RCmQvfriClrnNHLKIXETf0lIGEq7NnjOMgpGCmhsHGMiC72erGLH&google_hm=dnpdsTAxQ4yBWMl3hhESow==

170 B
188 B

37ms
36ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG9FGj1WEZxX3XwgA_YpmYboMviQqFvs6fQH6JJN_p-RCmQvfriClrnNHLKIXETf0lIGEq7NnjOMgpGCmhsHGMiC72erGLH&google_hm=dnpdsTAxQ4yBWMl3hhESow==

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG9FGj1WEZxX3XwgA_YpmYboMviQqFvs6fQH6JJN_p-RCmQvfriClrnNHLKIXETf0lIGEq7NnjOMgpGCmhsHGMiC72erGLH&google_hm=dnpdsTAxQ4yBWMl3hhESow==
date: Sun, 09 Jul 2023 00:40:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB46
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEVSr6T6MIj2Zk6HWpoBKeQ&google_cver=1&google_push=AaAOQGHeeX-SKV9K8G1way2PVudTv3sQ0yAa7HPcCa9hiNNEDUc5meW86GpslcAdiL2tXOWhMQq0HGK7aFqAt3az7LuVn_-...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEVSr6T6MIj2Zk6HWpoBKeQ&google_cver=1&google_push=AaAOQGHeeX-SKV9K8G1way2PVudTv3sQ0yAa7HPcCa9hiNNEDUc5meW86GpslcAdiL2tXOWhMQq0HGK7aFqAt3az7LuVn...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHeeX-SKV9K8G1way2PVudTv3sQ0yAa7HPcCa9hiNNEDUc5meW86GpslcAdiL2tXOWhMQq0HGK7aFqAt3az7LuVn_-rN-LX

170 B
188 B

36ms
35ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHeeX-SKV9K8G1way2PVudTv3sQ0yAa7HPcCa9hiNNEDUc5meW86GpslcAdiL2tXOWhMQq0HGK7aFqAt3az7LuVn_-rN-LX

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHeeX-SKV9K8G1way2PVudTv3sQ0yAa7HPcCa9hiNNEDUc5meW86GpslcAdiL2tXOWhMQq0HGK7aFqAt3az7LuVn_-rN-LX
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB46
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDgfYwLl8qF4WlhPSEYjtr8&google_cver=1&google_push=AaAOQGGG0LaDXtlPIelnKTPSc5CaoDoCCVQj-AO1tqTfpNmwjIGLpTxRfRSeMK_7wvr8lAAXZqQD-bYD...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDgfYwLl8qF4WlhPSEYjtr8&google_cver=1&google_push=AaAOQGGG0LaDXtlPIelnKTPSc5CaoDoCCVQj-AO1tqTfpNmwjIGLpTxRfRSeMK_7wvr8lAAXZqQ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIyODQ5ODc3NDUyODI1Nzc3NQ&google_push=AaAOQGGG0LaDXtlPIelnKTPSc5CaoDoCCVQj-AO1tqTfpNmwjIGLpTxRfRSeMK_7wvr8lAAXZqQD-b...

170 B
188 B

34ms
34ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIyODQ5ODc3NDUyODI1Nzc3NQ&google_push=AaAOQGGG0LaDXtlPIelnKTPSc5CaoDoCCVQj-AO1tqTfpNmwjIGLpTxRfRSeMK_7wvr8lAAXZqQD-bYDZW7FhZL44uWUaiJuNLJisw

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIyODQ5ODc3NDUyODI1Nzc3NQ&google_push=AaAOQGGG0LaDXtlPIelnKTPSc5CaoDoCCVQj-AO1tqTfpNmwjIGLpTxRfRSeMK_7wvr8lAAXZqQD-bYDZW7FhZL44uWUaiJuNLJisw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AB46
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFdfDnXUETVfhe1aspsSmZE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFdfDnXUETVfhe1aspsSmZE&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFdfDnXUETVfhe1aspsSmZE&google_hm=ZKoCGm7EqBWujoB1wBvybQAACFIAAAIB&google_nid=index&google_push=AaAOQGHXH6seXeir7rz2Cr0sS0OeBqBbTjJOT...

170 B
232 B

32ms
31ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFdfDnXUETVfhe1aspsSmZE&google_hm=ZKoCGm7EqBWujoB1wBvybQAACFIAAAIB&google_nid=index&google_push=AaAOQGHXH6seXeir7rz2Cr0sS0OeBqBbTjJOTPgDYDOgfaMmmApCpsN3o6MNveWF_NH9l5o_1i3tY7WWtGcQC5GQ8dBgq_GlfMrZTA

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Jul 2023 00:40:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFdfDnXUETVfhe1aspsSmZE&google_hm=ZKoCGm7EqBWujoB1wBvybQAACFIAAAIB&google_nid=index&google_push=AaAOQGHXH6seXeir7rz2Cr0sS0OeBqBbTjJOTPgDYDOgfaMmmApCpsN3o6MNveWF_NH9l5o_1i3tY7WWtGcQC5GQ8dBgq_GlfMrZTA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB46
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMPoXEVKm...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMP...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=767a5db1-3031-438c-8158-c977861112a3&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

37ms
37ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=767a5db1-3031-438c-8158-c977861112a3&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=767a5db1-3031-438c-8158-c977861112a3&%%GOOGLE_PUSH_PAIR%%
date: Sun, 09 Jul 2023 00:40:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AB46 0
139 B 134ms
47ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3xAWueM9Ssv-66xgJO2fbfT7NSMMkd7K-1S-EDTcEQt2cbrjJfbsq6_OkOKI1F-SpZ7XaNA

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame FBE7 0
54 B 147ms
147ms Ping
image/gif 2607:f8b0:4008:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ljupku4q&c=788508821990&slotId=394254410995&qqid=CLikmPSxgIADFTeFgwcd1SAO2w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318475489%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:814::2003 Riverview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FBE7 15 KB
16 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 27403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 17:04:15 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FBE7 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 76231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBE7 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CWbkbGQKqZPizELeKjuwP1cG42A3-0_evXM7PvdjqAsCNtwEQASAAYJWCgIDIB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEF4AIAqAMByAMCqgStAk_QENCcxjQBWvpkIhSQDpWhhbxwPft25_eoAxT9FWKI2i2St_PEJuCXisxONodVlb1ezxgymH1uKTfOcn4G_9WxtFpmyPzHblqv04tl08zl8xgwGDBv72Ebk8QDLogCoi197k0j8gekh2oqRMSu5GMJ7DJc2wdF6tskNNoUCYvn150Yo6H7BMP-ZDwVHxWgQhPzQZddzJV--kORC6A6ia-8hESPynHk3DzRpjVQEYGG1pLXx6-k60Z8jU0pSW5auFDNII47nlwXyK-9pSGZlES9dqkAep-4l_Qc_XrTcnyxTbJ6ikVFzQ7JSNqj0oavjWit4P6hEtdh_Wj8BwrrWxC03yWgL3FLn_dm50A2KAsOYM3VRizVqQhF3bbNAPJpoc2uLin3wd5i7bICv8zgBAGABv3V1afSmZvFNKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNjE0NTc2MDk4NDI4MzEzM_oLAggBgAwB0BUBgBcB&eventType=clickstring&clientTime=1688863258256&ai=CWbkbGQKqZPizELeKjuwP1cG42A3-0_evXM7PvdjqAsCNtwEQASAAYJWCgIDIB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEF4AIAqAMByAMCqgStAk_QENCcxjQBWvpkIhSQDpWhhbxwPft25_eoAxT9FWKI2i2St_PEJuCXisxONodVlb1ezxgymH1uKTfOcn4G_9WxtFpmyPzHblqv04tl08zl8xgwGDBv72Ebk8QDLogCoi197k0j8gekh2oqRMSu5GMJ7DJc2wdF6tskNNoUCYvn150Yo6H7BMP-ZDwVHxWgQhPzQZddzJV--kORC6A6ia-8hESPynHk3DzRpjVQEYGG1pLXx6-k60Z8jU0pSW5auFDNII47nlwXyK-9pSGZlES9dqkAep-4l_Qc_XrTcnyxTbJ6ikVFzQ7JSNqj0oavjWit4P6hEtdh_Wj8BwrrWxC03yWgL3FLn_dm50A2KAsOYM3VRizVqQhF3bbNAPJpoc2uLin3wd5i7bICv8zgBAGABv3V1afSmZvFNKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNjE0NTc2MDk4NDI4MzEzM_oLAggBgAwB0BUBgBcB

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame FBE7 0
54 B 146ms
146ms Ping
image/gif 2607:f8b0:4008:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ljupku4x&c=788508821990&slotId=394254410995&qqid=CLikmPSxgIADFTeFgwcd1SAO2w&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.tx&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:814::2003 Riverview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame FBE7 31 KB
17 KB 73ms
72ms XHR
text/xml 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CdFVpo3qMqCxVorcwh1pLEDOQb61xJCd4jpvKy8KSm3HQVSiUh2UZ1RnGmH3LRqisUWbykNW3AjiJ2lwO_-a-umizSvQ&cry=1&dbm_d=AKAmf-DftUY-OMUZTGDPwiXGTILlp5OTmqpDZcViAnCl9BGmNvrSQbCRkAPNEzHU7u0KINX-AmRrViXtq6uqjrRiA6vvGjK8wt_6ZXtuIS-IEApPRgAWJ9wmz6VFOzIjJIVKYaiSm4oUXsU729swGjYPjN2Sc7TlQDSZWNHOJy2f5EVPP2uAk5oKpJ1AfmCIsNkZorZPS6BAKuHgafwik99YzJ-4ArJ-ETIim7zzlFuQIFedgTWG4WVLo4mTB461Uoyty8kyJCGFU7ba-Lg9TJ7MVwofairIQGZmZ9i2Xf9fs99quZR9solC91lXv9jtXQc8BmEUfDTciCKbH2A5FMWHbsj4xK2PtODkYxlLN90BDAjKey4RqaXfiOCEG24padqhc78yWTPqx_0OGWLXNsaO2cLep2kYHGBeQff1x5srBUtHpy4uVoSh6dgL44RVGUY7mJ7ja_W9mPfCq-cVH5AtOils1XZGuYAjLNYLaxe68GXotliSA0PKm11j1-I7MJTzpeTZxHR7mEHPSOTbSUO9SkfmSzoJg3iaIgfHBjYFUvmhHYH0m0_C13FY7PWYXIRbSIk4Ogm6dSidy9-rK9BURcqcMi9RfBhW47LKDgUcek95eb9SokeR8TGnxTYkdzdWlLg8WXwsgl9eXUdHUAi90tX1ODecWfarVP5tSDoowUL5GG9gOcfLKIXmN3vhcHzrBTU6BfHAw3JNo86hT01WZ4Nll8HMWW2PlifQVvbCjkdxE4V1P_KXJamc7KP5T-MY_pJ7EnL4BumF41TFo_fCyviWsu3TZruPh-QsEMFuuB5h0fb5ruXNgbQKKAI_OZjBIWExEMdegZsi84wvv-qqreTgMK5HDJAJythRj2-yfGnrvAOZgFJYFECmAz5HabdMSvwDa7s52Rgua-YwO_PBLOR_3JGG9y1ky8y4eOohgj9FwETrfRu3BxqnsI3FQSBJPbDfBp_nGfIg2CDqWVcHvmr7zT2STQLO1EnLJBGdGIF8CSEDdNtyiZHI9-kUtt-ZLAVFNEQ_nz8gWrR-KyESnIbLtHnnN7i8003AkoZj2Jot0zfH2An86oDhQR-DNawLzNp6sFqxQwkXFfoJ-MCm8kb0Lj2KPlKezz1WKhStXlHDnaW1sazEHPtVje-TCMxYapMPXzv2maSvR5DZ-B34GFu5lEJhYcUMFQTFIN8Z5ZcyCk8Cc-Vx587YInKOCL0Hr4NZU5DFKV-6GzvJnF9cWQDAoubEd4y9gNB0kAq42VI9GCMhR94GYM5es1Uk7JCkd9BUyTuRa6ovUJums8PtHfqKx5p41FyDlmsQoDMgRl4WIp7hjQQBoY2c4dXnqs61lQmbIKuWsVjGxmjIUxCKhcD20qNgKcBQ5PsSpVNtyEOgbNJSaM0tcx2hnOPqmKS3gickQ-u_TuXA7C-vJXBjEbJpu0tKIhSS1L-yJHpv2EejNyj3UPw_5v2WxRfZYv4CF_S66YdmUBlN9ydOlrh6nAhzYvVc_DnD4DihzMKsDOOtUtQKUnSmYJXj4cRnwvTu7DRwH2oMJ3JaxpY3THiMY0QcUC6obhWj2oHNhnpT6bs4ITCUsOXhP_B0TyyDr1XJaJ-onNO4oS8-grCzDNec1TdFbxAoucfRB41FMgVNlU7Wti4vpqEWdh83xHvDUtVh39_klJMI5oHN9zgBPLB4sfVxGFrgDaZUvgNNJGZGc4WNuglka1Qi5XTHkrJWB1TTNvzhCizwLrl2Gw6m84JLIL-RJ08xmWvDA5tACnruvB3LonbrBh49tYxhe-j6AFUEyOKBkrnd7zBFhMh97VeGzBsVpei3pGCqmzp1xd7Fw9vfHxKAFycKk-hDbN9eOeD1fAVwrDn4zjh5XXvy6kJ3dTvFsXViWiKx17jk0UwtbUZQf4WjEza0ExUgBkmZN5mHtn3T45blMC_3fCdWXtOREpNDMyFeiEXaAljyCYXuaRQHZ7iAwYBl_HK38f7G58GfkjpaT79VrZvfIuKpY8iPOm-16uWiOHmDBjAqKwKOZeuqthVFTohB58M-B5RgPG4ox7aBhpDnnPWivenDxp0FDTV56VUlNDiEA5kjedD95Zjrq2FHg8tXwXFSD_4D3iWRcPJP3tt891IKB0-0FUHRrGgZ8nCsb9Ahgqad14Ih-8ThlBUCmDXp1LcTFcNqi8fPqkGcLXckOyCzEUHkNAWRCPnSCL3A8IoYtbvi3WSWhGvA8G0yz45w-jXwOQ91ulnrZ97gnfI4DKMLIZEGk-ackRLR7BGryzJNUadfCbF7SLIK6hkc1yzzEftN9TezSET6ITar7y4fo20SFcL23KOAm_Q7pFSX9mheGOuPcvHzxZ6GsedBH_4Jyi2njzjtdceu1N1YfXgknA532_Yvxh_Ezej4Z-wZfkldRWDhuqYI35K-pvSKJyg3q28zhy4yRCRhCyKhGwKb2XQFW5jdBr8lO3lRPHyRAxuNQXQWnseKuIpncuirKGqtEYyFrBdDq85lG5EYawZCaiF5GCCWzu39OktVyUNouxuKdO_VjUmyIcd8MHg4h_EbSQMNFGc9sMsreHfE3BZVVgU93QencjqbKLIbckyM4BxdSsKgs5bsKIPjgVhWamlHL5Ws14FYq8N5FCycV7V3dPFgtgL4LIhz36c23gyc75W6Vo0wU1jIQPPet7J77RpboxglrpNTSLeylT5XRC1YIT37ch8pxqYccSF3Hy_zyRyF-qOQ6NUqQr6-CENu5JvGT5BfHKrd8KMabWr53iuwQCzGyTmsgqaIzdqBGLX7RNCWMxdsVmBQMJDHVWdYrbVWBdm5FDwBjZuFvgqU9FW5QPoz2uMhmRvW_Lr9pnrpOUwNqSj1evNvScPTRchmaS54xzjx0vAnJQC4ESNBa3dpBrhpLzr21179qpejNNt2BDgE5SmMgdmD74HHaWJor5Ln1IhP1OBJuZSQE4ZhmpAbWuYyLYW3fDFdPFyldgloQSAcgVbRlRg5A7CLts_XjHuFTVzOUOUZ5ANrUp7PVvjaSQtNPEgFiYTAD5sQVnFvekK1usgCCK4NNOXp6_0h62eNjXRIAui4x6qt8HoECIcnDUcIJEbSE9uW_b3lcdbeEo0nfMRMUhvvNtk0RX75LaWPJSVGsWmxh01k-Scy4CQa6Bupy779PMZZYNBOD1iUDDkNk-VOcWPvOpZFSCb46K-Aeyb3v1_Rli_hxwR4Ww4MBA8XyhHLQj7MCw-tDrxx6AQQEmM3fu4JPmT8bLIcc6ywRpqWuk48i8p_4hmjlky9GrIXqY7MEz2Lh8E5KSIePBcqfwcViwEhSWcTerRCe-oJWoFZwX5tBepkcqD7VF8N8fXwlrAhQz1FHfNwyCazAxo97jZgoluenjo1KPDZnRP5Xx9SjnAZYUDizC6GpVUfKKQEIuJ38UW503tp_l5T9yXe0JuB0BqUcJoCk5_4Smm2PEiDGS1nsSwUePCsI6VpOO1MqxxhYX9OGkMiBtkDkTeZENMkcmNICi9dtVbff5NCze07YX3SwY0cOw9SO-p7gK893U04PbEiN72k2yrAR1IXnQ65tH6dxuLTjCBnQpE9q4uY2JIL9t5G1PZM1ipVr68jnGQ5Dkionr5kDtNiW3qxk_DTjoMqONOXBondIo4xTpQWNL5jtn2vSkSDQ2DUXd2j8SimdVyEnDeTQcNzEBMXj1YeFz-1xJUwsb0YUEA&cid=CAQSGwBpAlJWX68u61pdu8VmZOTnrECmH0OW_mFPyhgB&pr=8%3A38200423C9C8E148&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f156.1e100.net

Software

cafe /

Resource Hash

f7709291e1d9e78fc75ff802ab7090e1c9e605b5e1ed0bf4da785b6edd919f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16927
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C5C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIMkUauYK5WHjJxYOMsMgWQ&google_cver=1&google_push=AaAOQGGMwoDphmlrFSH3H7ibpz-Um_47rdoi7l3GlmPnG3erykvTvkK4kQb5JoxVdel-z7buC5LrywZWIyhmHqJdVmmLa-9bazaP
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8AC69B0BFDB4484A9CA87824C94F5FD9&google_push=AaAOQGGMwoDphmlrFSH3H7ibpz-Um_47rdoi7l3GlmPnG3erykvTvkK4kQb5JoxVdel-z7buC5LrywZWIyhmHqJ...

170 B
188 B

36ms
36ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8AC69B0BFDB4484A9CA87824C94F5FD9&google_push=AaAOQGGMwoDphmlrFSH3H7ibpz-Um_47rdoi7l3GlmPnG3erykvTvkK4kQb5JoxVdel-z7buC5LrywZWIyhmHqJdVmmLa-9bazaP

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Jul 2023 00:40:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8AC69B0BFDB4484A9CA87824C94F5FD9&google_push=AaAOQGGMwoDphmlrFSH3H7ibpz-Um_47rdoi7l3GlmPnG3erykvTvkK4kQb5JoxVdel-z7buC5LrywZWIyhmHqJdVmmLa-9bazaP
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 08 Jul 2023 00:40:58 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 1C5C 70 B
265 B 180ms
50ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGJVlv-NCNZV8aDaY9U3Xw4&google_cver=1&google_push=AaAOQGH3JHRjaROT6skaDFSoEXOjtVvX0T30KcfSShJCb4gdo4U0I4toP2HK6k_fPQU2Laih22fo1GMJnAXseJCyzelIp6EXM7ZV
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1C5C 43 B
245 B 125ms
36ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEBdv08Bx6rjfYF3bgcX5rOA&google_cver=1&google_push=AaAOQGGVSZpBowxFQsgO4YytJPOwtsN9ykImy8X1kC4HqF7M7AietU55PtuD49M3Qi4LrZJN5lIK3FjFr7HsRrax-uapCFxRZ1cI
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C5C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDueeD5JQChLYnL5GBOeBOw&google_cver=1&google_push=AaAOQGHWgwHo8B3xh316EY9vJ5KLY4XnA6ziU4AE0e7oFs3uPYwF80S8960U1MmSGgSHRCE1r0W0tsD5KVq1t26eo...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDueeD5JQChLYnL5GBOeBOw&google_cver=1&google_push=AaAOQGHWgwHo8B3xh316EY9vJ5KLY4XnA6ziU4AE0e7oFs3uPYwF80S8960U1MmSGgSHRCE1r0W0tsD5KVq1t26eo...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHWgwHo8B3xh316EY9vJ5KLY4XnA6ziU4AE0e7oFs3uPYwF80S8960U1MmSGgSHRCE1r0W0tsD5KVq1t26eoKX2s9GmzPf2&google_hm=G8vIrGZHn5eb0xpRQ2OusBnI

170 B
188 B

35ms
35ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHWgwHo8B3xh316EY9vJ5KLY4XnA6ziU4AE0e7oFs3uPYwF80S8960U1MmSGgSHRCE1r0W0tsD5KVq1t26eoKX2s9GmzPf2&google_hm=G8vIrGZHn5eb0xpRQ2OusBnI

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 09 Jul 2023 00:40:58 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHWgwHo8B3xh316EY9vJ5KLY4XnA6ziU4AE0e7oFs3uPYwF80S8960U1MmSGgSHRCE1r0W0tsD5KVq1t26eoKX2s9GmzPf2&google_hm=G8vIrGZHn5eb0xpRQ2OusBnI
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C5C
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOFZpmLqc-rUhhkatBOWudo&google_cver=1&google_push=AaAOQGG-1zxgtg_dH4JmMTF3Ns_1WvYXmoQLRHtmEsCzmeoiftGRJA1rba7NJHwJMgxSPrcd8PNBCtUr-rRn46bH...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGG-1zxgtg_dH4JmMTF3Ns_1WvYXmoQLRHtmEsCzmeoiftGRJA1rba7NJHwJMgxSPrcd8PNBCtUr-rRn46bHzRjVB796LRJy

170 B
243 B

38ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGG-1zxgtg_dH4JmMTF3Ns_1WvYXmoQLRHtmEsCzmeoiftGRJA1rba7NJHwJMgxSPrcd8PNBCtUr-rRn46bHzRjVB796LRJy

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Jul 2023 00:40:58 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGG-1zxgtg_dH4JmMTF3Ns_1WvYXmoQLRHtmEsCzmeoiftGRJA1rba7NJHwJMgxSPrcd8PNBCtUr-rRn46bHzRjVB796LRJy
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 5SQAqkEPxr-SStRxXBfs-fiadwfcC78VYAiwh9jb7Y-va7d8lIvFSw==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C5C
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELZB60JUOlQmP7-2G5DyBpo&google_cver=1&google_push=AaAOQGGgpeU3fo_ntSDpNbY2-V_6gfh-CXPHtrW7QrUnjSCGcgPgQdfPjTH6k6gmmxQkl-kjkyWG5tsJueJI...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGgpeU3fo_ntSDpNbY2-V_6gfh-CXPHtrW7QrUnjSCGcgPgQdfPjTH6k6gmmxQkl-kjkyWG5tsJueJIZwRjAysuHHhvtX6N

170 B
232 B

32ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGgpeU3fo_ntSDpNbY2-V_6gfh-CXPHtrW7QrUnjSCGcgPgQdfPjTH6k6gmmxQkl-kjkyWG5tsJueJIZwRjAysuHHhvtX6N

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGgpeU3fo_ntSDpNbY2-V_6gfh-CXPHtrW7QrUnjSCGcgPgQdfPjTH6k6gmmxQkl-kjkyWG5tsJueJIZwRjAysuHHhvtX6N
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 1C5C
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELZB60JUOlQmP7-2G5DyBpo&google_cver=1&google_push=AaAOQGHbJ0Yeo3y4HLc8rw7RmZsCEVALR5s1BNMOKIkSJPade3_c7KBVSHPPpBRnyTLJFYN1op3pJJH4nfe...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHbJ0Yeo3y4HLc8rw7RmZsCEVALR5s1BNMOKIkSJPade3_c7KBVSHPPpBRnyTLJFYN1op3pJJH4nfe1BS2BpadrVzfQ1BLC
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

26ms
26ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1C5C 0
49 B 47ms
47ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlCyOfrazF5PgVEAtgUuRTZNrvdJWli7JkPNwBGfBNaJb8IkSahITU7G4pQXZLHaObNdO60Q

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3319 1 KB
643 B 29ms
28ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Sun, 09 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 count
logger.virgul.com/ Frame 9F38 0
116 B 252ms
65ms Ping
image/jpeg 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=infoLoad&g=m&r=npm_nefisyemektarifleri:13::10710800&o=500-600&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jul 2023 00:40:58 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 55D4 1 KB
643 B 32ms
32ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Sun, 09 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0A34 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bafff6290b412ffe80864a85d2fb8806f78ae228078eee0e1edfcaa651698ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FBE7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4167f83dc2b269d95736e40ae9860c4ec5194fa641c2cfbc85473c82f6b4245

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 544D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23400831f9cf1f1a16cf5b5cb62db416c87cdf98ef103475fd16b2237289b288

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BFDE 0
0 76ms
75ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSYuyGQKqZMCpEc7C3wPA2Yz4AuTl6cNxhPqO6JwR2tkeEAEgwLKCa2CVgoCAyAegAdv8uvEDyAEG4AIAqAMByAMKqgSbAk_QsNzv5Gn13DEbnBD3_SNGNdv-V_OA-toKBndbHsxW7xTO9zvNjUxjiD3tf0w3YU-BJ4DSmSSX-FFOcsUbdHN5G4BdmBa6V1ora28HN43NPpq10IwpgOnazNW_2Ko2PE2qw_ZC2IdrkKZXXE3oY-JAsmrVx5Mzn3Oson2wvm989qmoTd4GmWSCag2jshO6a1r3Li0etJ3k4jX4kRmV5JtMZuQ4iANjEmvzCvGGKYnG73D8XrVpojh5e48iLBTcyLGUfPCN9wt0h4OT5GDMm6pyU7_8HGVeaTRSsP4Tv3W3tSpihE9MqdiPk059FgqGSCuBNq05R1a2pb9MsUPr1h5jWHMAqjVyB3XZ-vi8zriGQKJ9z1x_31wwUN3ABLv4-bmaBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAet4qjQAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELr8AdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYxNDU3NjA5ODQyODMxMzOACgPICwHYEw2IFAPQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=SVQa0T4uMIY&uach_m=[]&cid=CAQSOwBpAlJWgxSrmQM1DsQkPRvwBeNVgyVMKeInEkliN0NnlvW-F8leSkMleSvZwLaZxhnhV0JsdVwawh0hGAE&template_id=492&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame FBE7 0
54 B 151ms
150ms Ping
image/gif 2607:f8b0:4008:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ljupku53&c=788508821990&slotId=394254410995&qqid=CLikmPSxgIADFTeFgwcd1SAO2w&fb=outstream-lima&vast_v=3.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:814::2003 Riverview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame FBE7 41 KB
15 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 17:15:18 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5ednkl.c.2mdn.net/videoplayback/id/16b003e62bbfefe1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399258/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame FBE7
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/16b003e62bbfefe1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399258/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r2---sn-4g5ednkl.c.2mdn.net/videoplayback/id/16b003e62bbfefe1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399258/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

114ms
23ms

Fetch
video/mp4

2a00:1450:4001:29::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednkl.c.2mdn.net/videoplayback/id/16b003e62bbfefe1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399258/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/73E5C1F91CABE889A241EA85D38B2544B98008C7.0A7966AE84D73A10C313F38624C9D383448886B7/key/cms1/cms_redirect/yes/mh/2p/mip/2001:1b60:2:240:3247::4/mm/42/mn/sn-4g5ednkl/ms/onc/mt/1688862767/mv/m/mvi/2/pl/29/file/file.mp4

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Server

2a00:1450:4001:29::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 09 Jul 2023 00:40:58 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1761564
Last-Modified: Fri, 07 Jul 2023 14:26:39 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 09 Jul 2023 00:40:58 GMT

Redirect headers

date: Sun, 09 Jul 2023 00:40:58 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
location: https://r2---sn-4g5ednkl.c.2mdn.net/videoplayback/id/16b003e62bbfefe1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399258/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/73E5C1F91CABE889A241EA85D38B2544B98008C7.0A7966AE84D73A10C313F38624C9D383448886B7/key/cms1/cms_redirect/yes/mh/2p/mip/2001:1b60:2:240:3247::4/mm/42/mn/sn-4g5ednkl/ms/onc/mt/1688862767/mv/m/mvi/2/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5FBD 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37a301845bb8112d2bf4f3f02b07dc9b4bb6dd7a289b4c4414ff567bc5cdcc96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9235 0
12 B 22ms
22ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BKbrQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3319 0
104 B 188ms
75ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELf7uTt0TWVTrOGIpiF1HZw&google_cver=1&google_push=AaAOQGEuUomy4EGzwUqUNfO16RK8g5Yx6CCXzwaN5wb-sd9fx4SKY3JJb6hq8KtUwlFwWbtOKiFxW0Kqbyrhk3OvCc9nkwRTT029rQ
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3319
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG5RiDiaBBrux9t3ppXidzs&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG5RiDiaBBrux9t3ppXidzs&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3RWTnEyRUoxUWlpdFk1&google_gid=CAESEG5RiDiaBBrux9t3ppXidzs&google_cver=1&google_push=AaAOQGHY_gfrxtGQel1or98Cy5z22zfpp552B71ZXF9n0e1...

170 B
188 B

29ms
29ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3RWTnEyRUoxUWlpdFk1&google_gid=CAESEG5RiDiaBBrux9t3ppXidzs&google_cver=1&google_push=AaAOQGHY_gfrxtGQel1or98Cy5z22zfpp552B71ZXF9n0e1jv465T8ZQlNyl2NDc5PbryRX11xMDC22BqwaCE_0ronLJhUEDvAEvWQ

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Jul 2023 00:40:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3RWTnEyRUoxUWlpdFk1&google_gid=CAESEG5RiDiaBBrux9t3ppXidzs&google_cver=1&google_push=AaAOQGHY_gfrxtGQel1or98Cy5z22zfpp552B71ZXF9n0e1jv465T8ZQlNyl2NDc5PbryRX11xMDC22BqwaCE_0ronLJhUEDvAEvWQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3319 70 B
264 B 70ms
51ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEP-zqVDnTCE2t8tG4fmcWxU&google_cver=1&google_push=AaAOQGG1tlV-MLuUwZ-6rOZR7YHrgb3wviBNzMN_YhPuGPmqfA2lJ29Tan8aqHGv23RKehow-tMAc31Mh5ibnPZzBmM-zYUbtQNwHQ
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3319
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKIYD1N8VjDE5a3KxmteFss&google_cver=1&google_push=AaAOQGG8QqQAz_2Xk0qRyZ2Ctoz5VRkra9mLIFFBTxdKo7m1NnVF_i0oqL07L95C6_2aHp31O5BGTovPqaVtR-3hXi_EjYF...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG8QqQAz_2Xk0qRyZ2Ctoz5VRkra9mLIFFBTxdKo7m1NnVF_i0oqL07L95C6_2aHp31O5BGTovPqaVtR-3hXi_EjYFsLhFNMw&google_hm=eS1pbTJyV1RoRTJwR2xG...

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG8QqQAz_2Xk0qRyZ2Ctoz5VRkra9mLIFFBTxdKo7m1NnVF_i0oqL07L95C6_2aHp31O5BGTovPqaVtR-3hXi_EjYFsLhFNMw&google_hm=eS1pbTJyV1RoRTJwR2xGanN4dTZIbm85dTVQZEpUMlNENH5B

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Jul 2023 00:40:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGG8QqQAz_2Xk0qRyZ2Ctoz5VRkra9mLIFFBTxdKo7m1NnVF_i0oqL07L95C6_2aHp31O5BGTovPqaVtR-3hXi_EjYFsLhFNMw&google_hm=eS1pbTJyV1RoRTJwR2xGanN4dTZIbm85dTVQZEpUMlNENH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3319
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFCbK4RBujg5xrTGp3ZYeSo&google_cver=1&google_push=AaAOQGE6cKhwJfPTpTMo0lIdC0E2QwfHbVO8Y1vKfbLAdbDdnJvtbp9w8nNSanK0_RZtUkoOoKK...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpVUEtVREktMjAtRkhOTA==&google_push=AaAOQGE6cKhwJfPTpTMo0lIdC0E2QwfHbVO8Y1vKfbLAdbDdnJvtbp9w8nNSanK0_RZtUkoOoKKHK72HjtSSl__Oj5g0dWB7FaOcYQ

170 B
188 B

32ms
31ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpVUEtVREktMjAtRkhOTA==&google_push=AaAOQGE6cKhwJfPTpTMo0lIdC0E2QwfHbVO8Y1vKfbLAdbDdnJvtbp9w8nNSanK0_RZtUkoOoKKHK72HjtSSl__Oj5g0dWB7FaOcYQ

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpVUEtVREktMjAtRkhOTA==&google_push=AaAOQGE6cKhwJfPTpTMo0lIdC0E2QwfHbVO8Y1vKfbLAdbDdnJvtbp9w8nNSanK0_RZtUkoOoKKHK72HjtSSl__Oj5g0dWB7FaOcYQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3319
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECHk7ZEUDBTlBX5ZYz58CYA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECHk7ZEUDBTlBX5ZYz58CYA&google_hm=ZKoCGm7EqBWujoB1wBvybQAACFIAAAIB&google_nid=index&google_push=AaAOQGH7OF1nqOxMGMqhvH748qlEA2mj1PKOc...

170 B
188 B

36ms
36ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECHk7ZEUDBTlBX5ZYz58CYA&google_hm=ZKoCGm7EqBWujoB1wBvybQAACFIAAAIB&google_nid=index&google_push=AaAOQGH7OF1nqOxMGMqhvH748qlEA2mj1PKOco9K_WVlkfL2AtPp0CH8LiRw67F6sZSEpgQlFKFyXRNbHefHL28ChTnREa5R8InTzw

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Jul 2023 00:40:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECHk7ZEUDBTlBX5ZYz58CYA&google_hm=ZKoCGm7EqBWujoB1wBvybQAACFIAAAIB&google_nid=index&google_push=AaAOQGH7OF1nqOxMGMqhvH748qlEA2mj1PKOco9K_WVlkfL2AtPp0CH8LiRw67F6sZSEpgQlFKFyXRNbHefHL28ChTnREa5R8InTzw
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3319
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF38f6l7AH8OqWuL6Tetkyg&google_cver=1&google_push=AaAOQGGHwGWtTnflkpO53Tormp1kxidcVI8DPWgAZVOLxvoPSDVHoIZbW2Ft6tuoDTzFOsZR58weUsAhDyI0pmhP...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGHwGWtTnflkpO53Tormp1kxidcVI8DPWgAZVOLxvoPSDVHoIZbW2Ft6tuoDTzFOsZR58weUsAhDyI0pmhPJM9JzaTs5zaoEA

170 B
188 B

37ms
36ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGHwGWtTnflkpO53Tormp1kxidcVI8DPWgAZVOLxvoPSDVHoIZbW2Ft6tuoDTzFOsZR58weUsAhDyI0pmhPJM9JzaTs5zaoEA

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Jul 2023 00:40:58 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGHwGWtTnflkpO53Tormp1kxidcVI8DPWgAZVOLxvoPSDVHoIZbW2Ft6tuoDTzFOsZR58weUsAhDyI0pmhPJM9JzaTs5zaoEA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: -BORnZe51L9iqscu83GWu2TppCxq1raK_sppE-gUW6l6oaT4qzogWg==

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3319 0
49 B 36ms
29ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8UNK105T4O2nJlp2kf79ivRUJjzWLvQs3mWcTpNERFr0wAHgqdo2hgqbUmR9udn12Ok-z

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 55D4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELjz65Qx9MjueUoo2c3UIbY&google_cver=1&google_push=AaAOQGE_AsP-OL0Lo26XebErVtZFtgIbK-1TL1DxaQSEZXGbi2fUTsHHHPP4YuLWoq-LeufLKmGBDg6IB_ezL_E7YZ68Od5tOQ0
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMyNjM0NzA4NDY3ODkwNzMyNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMjbXoz9-86AYTSKejmloB4&google_cver=1

43 B
398 B

32ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMjbXoz9-86AYTSKejmloB4&google_cver=1
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMjbXoz9-86AYTSKejmloB4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55D4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEdJ9b9qpqwmN6W-QZLcXUk&google_cver=1&google_push=AaAOQGEALAfZ2mkPeFa8ujM7Pr2Nd0SoNQFsIsdhBod3QDlmSQGLAC-znunJBKL44RnP1nY362ITPaRwDUWUN-CS...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEALAfZ2mkPeFa8ujM7Pr2Nd0SoNQFsIsdhBod3QDlmSQGLAC-znunJBKL44RnP1nY362ITPaRwDUWUN-CS1qEUvvBt_A

170 B
188 B

33ms
33ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEALAfZ2mkPeFa8ujM7Pr2Nd0SoNQFsIsdhBod3QDlmSQGLAC-znunJBKL44RnP1nY362ITPaRwDUWUN-CS1qEUvvBt_A

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 09 Jul 2023 00:40:58 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x15 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEALAfZ2mkPeFa8ujM7Pr2Nd0SoNQFsIsdhBod3QDlmSQGLAC-znunJBKL44RnP1nY362ITPaRwDUWUN-CS1qEUvvBt_A
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 09 Jul 2023 00:40:57 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55D4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMX-9ADTD10RecIL9NE3jjY&google_push=AaAOQGH6_dRd2bUhRsSemKqwJ_6Q4zcBd4p0wPvEt4mxisxPm8OYAO7_vY...

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMX-9ADTD10RecIL9NE3jjY&google_push=AaAOQGH6_dRd2bUhRsSemKqwJ_6Q4zcBd4p0wPvEt4mxisxPm8OYAO7_vYRR0P1tGwSs9U2APHN4d8Boe-o4j5_duVmpn3gESy0

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220037-FRA
pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688863259.512521,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMX-9ADTD10RecIL9NE3jjY&google_push=AaAOQGH6_dRd2bUhRsSemKqwJ_6Q4zcBd4p0wPvEt4mxisxPm8OYAO7_vYRR0P1tGwSs9U2APHN4d8Boe-o4j5_duVmpn3gESy0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 55D4 70 B
264 B 65ms
50ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIy73bnhe5edAYexyzwLkGI&google_cver=1&google_push=AaAOQGFokyWkmWwSKBdEz-AqK-HvH1TbGAPmyNMLAQdZo_H2hFmeLvfg_8C8H5BlWQAz6dD5wc3tlOLXQMOXVCZx9bVBUFrwZDc
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55D4
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEI7BlYUEtBR-LjT1h7gKQ2o&google_cver=1&google_push=AaAOQGFfcvo-GmTkfsCQbBy_Gm84Bfdy2wJ4AyYK_dATIB5hyjQyAIn1NwIEuZNVv4btOtXKCcLFp7Rg5cCzN2FQ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=orfTL8dsRHOdMwcbXN_etw2&google_push=AaAOQGFfcvo-GmTkfsCQbBy_Gm84Bfdy2wJ4AyYK_dATIB5hyjQyAIn1NwIEuZNVv4btOtXKCcLFp7Rg5cCzN2FQYvMZOkPxXps

170 B
188 B

35ms
35ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=orfTL8dsRHOdMwcbXN_etw2&google_push=AaAOQGFfcvo-GmTkfsCQbBy_Gm84Bfdy2wJ4AyYK_dATIB5hyjQyAIn1NwIEuZNVv4btOtXKCcLFp7Rg5cCzN2FQYvMZOkPxXps

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Jul 2023 00:40:58 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=orfTL8dsRHOdMwcbXN_etw2&google_push=AaAOQGFfcvo-GmTkfsCQbBy_Gm84Bfdy2wJ4AyYK_dATIB5hyjQyAIn1NwIEuZNVv4btOtXKCcLFp7Rg5cCzN2FQYvMZOkPxXps
x-host: tde-deliveryengine-production-84d9bf65c-mhtln
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55D4
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDA2xx_FF42NYhEvlkXzn5U&google_cver=1&google_push=AaAOQGFzs0d1XojH1ikBmQrUEZqQZMVlcfLfb-I9e-qdGRuwceKbV7RxjMaOMUqv0Gn-2zBsQLEBQB5cdi32k6SW...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGFzs0d1XojH1ikBmQrUEZqQZMVlcfLfb-I9e-qdGRuwceKbV7RxjMaOMUqv0Gn-2zBsQLEBQB5cdi32k6SW-Bif0gM9D0Y

170 B
188 B

37ms
37ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGFzs0d1XojH1ikBmQrUEZqQZMVlcfLfb-I9e-qdGRuwceKbV7RxjMaOMUqv0Gn-2zBsQLEBQB5cdi32k6SW-Bif0gM9D0Y

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 09 Jul 2023 00:40:58 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGFzs0d1XojH1ikBmQrUEZqQZMVlcfLfb-I9e-qdGRuwceKbV7RxjMaOMUqv0Gn-2zBsQLEBQB5cdi32k6SW-Bif0gM9D0Y
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: JybOY_E6iSAnD0p65ucs7DvwDCoSCSpaE536oUJ6RMklQ_uVuApiiw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55D4
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFeVT_lHM7cFH3iwNfxmV9A&google_cver=1&google_push=AaAOQGHTIQAtlim5an7cKMKAgqEHsTDMce6JIj7Tylgru4OzJ0Apl05XxP3_boIJhrpudezLy0_q-cNdGYiL...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHTIQAtlim5an7cKMKAgqEHsTDMce6JIj7Tylgru4OzJ0Apl05XxP3_boIJhrpudezLy0_q-cNdGYiLi9aIn3vPtWaG-Sk

170 B
188 B

36ms
36ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHTIQAtlim5an7cKMKAgqEHsTDMce6JIj7Tylgru4OzJ0Apl05XxP3_boIJhrpudezLy0_q-cNdGYiLi9aIn3vPtWaG-Sk

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHTIQAtlim5an7cKMKAgqEHsTDMce6JIj7Tylgru4OzJ0Apl05XxP3_boIJhrpudezLy0_q-cNdGYiLi9aIn3vPtWaG-Sk
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 55D4 0
40 B 35ms
27ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0149fy1CfXtFyQxZEIJKpFoFfKTgYSHaUZpjTbiPnNs0NdwVpSDmKI8jCKWOdJX1ZRyuy

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6D90 23 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 278114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 19:25:44 GMT
expires: Thu, 04 Jul 2024 19:25:44 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 count
logger.virgul.com/ Frame 9F38 0
116 B 129ms
65ms Ping
image/jpeg 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adDataLoad&g=m&r=npm_nefisyemektarifleri:preroll:100&o=&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jul 2023 00:40:58 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H2 200 zoneview
ng.virgul.com/ Frame 9F38 0
222 B 63ms
63ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688863258452&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=153182:nefisyemektarifleri&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.7455658325590531
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:58 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

POST
H2 200 count
logger.virgul.com/ Frame 9F38 0
116 B 126ms
64ms Ping
image/jpeg 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=videoActivateError&g=m&r=npm_nefisyemektarifleri:windows:Chrome_114.0.5735.198&o=&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jul 2023 00:40:58 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 9F38 1016 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

206

10710800-480_2-170k.mp4
istr-n23.nktcdn.com/data/videos/10710/ Frame 9F38
Redirect Chain

https://istr.izlesene.com/data/videos/10710/10710800-480_2-170k.mp4?token=dX0k2OY4L6QJI8xioHu-zA&ts=1688953258&playername=npm_nefisyemektarifleri
https://istr-n23.nktcdn.com/data/videos/10710/10710800-480_2-170k.mp4?playername=npm_nefisyemektarifleri&token=EdsKSMic4FFFdMMAAn0-Cw&ts=1688949658

768 KB
0

253ms
58ms

Media
video/mp4

185.7.176.223

General

Check archive.org

Show headers Download Go to

Full URL: https://istr-n23.nktcdn.com/data/videos/10710/10710800-480_2-170k.mp4?playername=npm_nefisyemektarifleri&token=EdsKSMic4FFFdMMAAn0-Cw&ts=1688949658
Protocol: H2
Server: 185.7.176.223 -, , ASN (),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
Content-Range: bytes 0-22366387/22366388
date: Sun, 09 Jul 2023 00:40:58 GMT
last-modified: Tue, 06 Sep 2022 14:04:31 GMT
server: openresty/1.15.8.3
Content-Length: 22366388
content-type: video/mp4

Redirect headers

date: Sun, 09 Jul 2023 00:40:58 GMT
server: openresty/1.15.8.3
content-type: text/html
location: https://istr-n23.nktcdn.com/data/videos/10710/10710800-480_2-170k.mp4?playername=npm_nefisyemektarifleri&token=EdsKSMic4FFFdMMAAn0-Cw&ts=1688949658
access-control-allow-origin: *
cache-control: max-age=0
content-length: 151
expires: Sun, 09 Jul 2023 00:40:58 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0699 0
54 B 145ms
144ms Ping
image/gif 2607:f8b0:4008:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ljupkthr&c=5045136992859&slotId=2522568496429.5&qqid=CNr2-fOxgIADFQz-dwodANwJ9Q&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=988&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.k7&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:814::2003 Riverview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5e2588ac6f82ad050a013a34
ng2.virgul.com/tck/imp/ Frame 9F38 0
222 B 66ms
65ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5e2588ac6f82ad050a013a34?g=1&t=gb&r=153193@site_geneli@nefisyemektarifleri:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:58 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0A34 0
0 65ms
64ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C59reGQKqZJq8ELWmjuwPtdy-2Avmj96DaajR7pfxEJSUjqD_ChABIMCygmtglYKAgMgHoAHSn_DbA8gBCakCtmvPTG1msj7gAgCoAwHIA8sEqgScAk_QXX2HGjxwnIemjsF8-fd96WiMemjIGeQS7eqf8P8yh8Ur_pfRogiMkQVbNHrdsbObx1GgoKocb2IUktSJ1nq784WNypWpHjnWBgGLttBhFNAprKbfaagzT8Hmk-OYX4-LrpLgDXHyB6ePXWELLd2Lc1Iph9H-9mLZxYIGKKMmSsvPPN4OwCl6JwBSDqNpytZF4D0EN8Urbl86BUjci1sDcq3GsUkPgVOW4D89SoDDctxLQkLbZI8KTup0BlttzcghY-e29DHc1snApEWpoTb2C49Gt5jiCokccYCwgNBb0nLY5I7TyP2-Vugddh2Eauu0778Z8VSZQPl75-l-AAmBSyIBo2HUZr869oV7XADA2yu0T9uggOgY2fdYwASwzYvjqgHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHluCPJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDP7AHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi02MTQ1NzYwOTg0MjgzMTMzgAoDyAsB2BMNiBQB0BUBmBYBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=CBqv0BQjFEI&uach_m=[UACH]&cid=CAQSOwBygQiD3GqPhJ1OibChZSNQGT-w2RvHGc4AuhQicP52kcEMwoqEQdo_BiJCW1F_Z7f_K4Ei33it_L6tGAE&template_id=494&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E56 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 06:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 06:31:30 GMT

GET
H3 206 file.mp4
r2---sn-4g5ednkl.c.2mdn.net/videoplayback/id/16b003e62bbfefe1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720399258/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame FBE7 2 MB
2 MB 46ms
20ms Media
video/mp4 2a00:1450:4001:29::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:29::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b6e72f4a20534c16961d7e632550425a47db3b94b00045cd912ec263e8c9bfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 09 Jul 2023 00:40:58 GMT
date: Sun, 09 Jul 2023 00:40:58 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1761563/1761564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1761564
last-modified: Fri, 07 Jul 2023 14:26:39 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 544D 0
0 64ms
64ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CY1zaGQKqZMO8ENKmjuwPveusmAm6iLSPXJzX7u6pCMCNtwEQASAAYJWCgIDIB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMByAMCqgS1Ak_Q7V8YieYDHSMGyEIM-gUuALfSRP2bJ9O5W3b8FywXB_G5GlXTM3wwIJRVQwpgHZjXXhz4vV7YM8K6kh1ltuJHfmW95SaRldWQOjdjVHQ3SCBb68KIpRIOHJZMFs012jHcUl0zwamhy6KGDQ8K7pTKSgL6E_dZJxEcaboGnzmq5A6GKuVzH2RbXWV3y8k0PzzxRmTxt-X32giPJYtX6f3saaLDQQxPLhzevsncHNoF_KCa7khV-SmfrRcy0R-YgxJkvz52np3DG7W645Vf8w0UfOh2V0jZflmcPUGoI4UyejdFW99c6XmgXWicr2Nna9NcDMgbMsu-pY8Nu70KBYH55CK_9LOh9fEi4wMN9uAi8Kj59fck_Xllug1jM4Zc48sH9RFqTfXhO1fxdRWy75KnYUL7aOAEAYAGm-uK68aOgupLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi02MTQ1NzYwOTg0MjgzMTMzgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc5ODM2NTEyNTc4MzgyODIY6sFt&sigh=iV5gcVHoN9o&uach_m=[UACH]&cid=CAQSOwBpAlJWTVa6UwDsCkz8GLVR7P8OdSI-hG6kp_5dRTSe-jWSuXxrjvFPTaSTzde5Oo-l3k74TifjT9hIGAE&cbvp=2&vis=1
Requested by: Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200 a.gif
i.w55c.net/ Frame 544D 42 B
582 B 92ms
22ms Image
image/gif 52.29.25.103

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=N0RCRDUwMkVENUQ3MUY5Mjg4RERDMUJFMEU2REI4QTV8R0ZBODQ3VlBIbnwxNjg4ODYzMjU3MzkwfDF8WG1FS1o4a2t0eHxYUnpUZVRpNmdrfC0xODI5MTcxNDk3X0VYfDE2NzMwfHx8fC4wUHxVU0Q&ei=GOOGLE&wp_exchange=ZKoCGQAEHkMHg5NSAAs1valSoUTrzYTZK7716Q&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=nefisyemektarifleri.com&s=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941&ts=1688863257393&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=TH&m=0&pc=06577&rnd=4737955162650563&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VDa2d6X3V3U2xpZVlFNjVZbG42cFM4&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=rxTyM3uJfbNcgYEsMlU9jQ&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESECkgz_uwSlieYE65Yln6pS8&spidu=GOOGLE&pidu=15222&hmpvu=93316644-050e-40a3-9c9f-adce697df8d7&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XRzTeTi6gk&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Host: e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
URL: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.25.103 -, , ASN (),

Reverse DNS

Software

PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-0caa68a19e3c1fdac@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Jul 2023 00:40:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-0caa68a19e3c1fdac@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D90 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 06:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 06:31:30 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 5FBD 21 KB
21 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:34:45 GMT
x-content-type-options: nosniff
age: 583573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jul 2024 06:34:45 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 5FBD 20 KB
20 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 28816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 16:40:42 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5FBD 0
0 63ms
63ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJICEGQKqZMyFEYra3wOfnYagDr2Npq9vn8yvrL8O6p_coNQBEAEgwLKCa2CVgoCAyAegAbC6odcDyAEJqQK2a89MbWayPuACAKgDAcgDywSqBKACT9Cj3zkREf76pcgfREzPd8qBdHG4-euqKLzvv4GnACsA7H6PZsuUXfcIicHQuag29Ad-34DHceP2FdF9jwUO1LuDZMH9IOupHWlumoiUM2r5Vr4KYZURT2KTcPJGBB3K_greK268vjmTxv5nVweRlghtT-nF0C6QS3JehQHhw8JeHs2sqqHOT5VYLmGNGZSoSE5ZtMaCBaIgeor4Q1Yv_kTvirD_6Vka9hqbY-36qsahzhR3hrmA_qBj6pU9h4uxFVIhjaYKtj7uAj8UMLN3wnLbJUL5qTY7SIfBIizPMwI5nPasqv-KlL95ViVAjZyvcl1x6JVxe4klHcMEqDS9Qn0p8jPlLTchWJBq6G_BS3ma49qwLGlusb3kSsc3jTRYwASpnKmq4APgBAGIBfjE1Og2kgUECAQYAZIFBAgFGASgBi6AB8X3rT6oB5CssQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQpIID0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNjE0NTc2MDk4NDI4MzEzM4AKA8gLAdgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=9qa-m35E28w&uach_m=[UACH]&cid=CAQSOwBpAlJWKjdJoy_HbeuzYQSNYeum1vSYrOyC9ngT49TgUVmCl0erLm2congWHbpxUuCPjgghyLLlP3THGAE&template_id=494&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame C37E 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 06:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 06:31:30 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FBE7 0
0 58ms
57ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9UWUGQKqZPizELeKjuwP1cG42A3-0_evXM7PvdjqAsCNtwEQASAAYJWCgIDIB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEF4AIAqAMBqgSqAk_QENCcxjQBWvpkIhSQDpWhhbxwPft25_eoAxT9FWKI2i2St_PEJuCXisxONodVlb1ezxgymH1uKTfOcn4G_9WxtFpmyPzHblqv04tl08zl8xgwGDBv72Ebk8QDLogCoi197k0j8gekh2oqRMSu5GMJ7DJc2wdF6tskNNoUCYvn150Yo6H7BMP-ZDwVHxWgQhPzQZddzJV--kORC6A6ia-8hESPynHk3DzRpjVQEYGG1pLXx6-k60Z8jU0pSW5auFDNII47nlwXyK-9pSGZlES9dqkAep-4l_Qc_XrTcnyxTbJ6ikVFzQ7JSNqj0oavjWit4P6hEtdh_Wj8BwrrWxC03yWgLzNJv2WzfKsCg-BN3RnL_9BilSBM865tqz53GDsQMAXvFmGR2RngBAGABv3V1afSmZvFNKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNjE0NTc2MDk4NDI4MzEzM4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=N8_rOe0FoCA&uach_m=[UACH]&cid=CAQSOwBygQiDtWUnnu_yLwWHjk_CV453VdmX_ugm7jUZscyn8OvEopEX3Iv23ZNzhtuinlCtHeu9CFPLNwP-GAE&vt=10&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D90 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BJLffGgKqZJKtEuiskdUPr6SLwAMAAAAAOAHgBAI&bg=!0tGl0YXNAAb90kgr3dI7ADkAdvg8Wu3ZZUoveSLERFoHoJnu_5MJNUM-AIqByONLNmE8K0mfVnHcoTMhKpL9JVr1WYygioCBt3cCAAAAm1IAAAAFaAEHmQMr-5mjRsFJ0puHmxqtAwGf0jZynKZcdUyKF5IcGrhiK_aLqjX8uuQcuWGxln9XByFgZzYYN-U6b-IaZWciih1BZESCgXqYxuyeY5WFPFq1VEN2ETk3yayM3dfe1SDfc9gjKRU7xDV4z23fkEtX-DVEWNKAGRzBrC82urdTNJ82pGUdIS1aZNcLsdhwNWuIdS6giLLRWZrdZ1C65K_VlF76FgnceAn33b63ocqmgPRAiEPT-w1CZlaD0SSJ3hQbHy8b9rTR0IyoahlKTF-7QOgIQqcXVomkgrYxW6tM7CZ24-u-quScW0i3fztTK0spXvdAfrDgWB7l872RtL4buZ49Y8YfQreVDkNW4C2qz9G7Ps9IHJ4rD8-ZNM5_pyWalJ_B9bkZ524ZF-UJBeuSntafT41MdOYVVxNYYUG-v18AD0M-IgPUYGbq74klWpyqudSEI-tQdHMr2Tz5Xe7xyKELib2Ue_EudeEHkUF34h-WYM7U3L5Vhg7y5R8VTce1OVtgMgmoGkZrJNssENHJ57CiIbNf9edWkrw31EQwiC_eXIcA9kSropdr35-how7RnNBiyLN_WWRpPLpRMagw_2JcRyBweCjg4HUSRw4jk9ZNlIYkJL87jn5CDm6ovJeG6m5pco6teQeHjK0p8q8o79UYjlFmuxf4Bg7K6XKOhBSUspA2zs5oNNVgPrYPsKBa-KJJnU6KUiQ2wktyYEivB_sqBF9CPg38sh-8x_rcPvIbHR0R_xgppGq6F7b9yXn9lzHG8n9gH7CwVr1TI4w-htzcEov_6YEn5NutoexrwCBIGuaIqDfxgIZ15jeBoh1E5A2w3s6G6yo-4Lrv0HrsoWHnIkcKfKVnIWS7W2FT3ao-uIiTmZWk0zUW0CjYwD54ojkfUZvpx2CUUsvTaPPPnESPUgXiGH9uQML0V3pLksyUN4-kLWKDSRNiDs4D4jRsKDDAcFXZuS2OSphGFNgzRbAf3lAaLiQjSEeRFGVETrGU7n3PzXsXJ6Q2lS_94NFJo9jSGKIDWO4JYG7JDIk55eWmHRgm9sLfTXyCbBnWmqoCYgFHD5xVgHKenOOUdQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9F38 0
0 57ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306290101&jk=1674499439926752&bg=!0dKl0obNAAb90kgr3dI7ADkAdvg8WoyZ3TTES4azwqwkpQW6t3Kp2krRFE_iCoxGqd6jhLyLenIyhq3_UOOWAKzKPLyW5HnwI4oCAAACh1IAAAAIaAEHCgBETdC22ctVfYIwkE70IXTZ2CS72mx0a00NNFTPF6t4ztsvBtHhQcuqUK3yI4AOjRpMVWPeizCTIy1mfPM_NAsGNAjXEfSZAuBlGHEXBPp8e-n8TVZyLSmP1m0ugCoE7c8BrIO7Ic0_p1Y4muecrEL2mbwIlhj4lDIfbp24ZnqBnyOWCCexEZijC4T4ViKH9ah0y-7w0qr3EV-yFJ75rxZjcl907oyYJ20iQvEvB3v1bluUzNsRPCIPIwCUuqR4PAR17woZNofbGvrcrwwmAevfIIUx3Jbx0kVtnR6PrciaMWe4lL4liealQuwj5Nw-Bng0asiJZEkR4xzeGTj3W2QQ4jenebBcZiAieoWy00AQJtCVInkqzgsANSsbGG80wrhBOV40Zqb2j35v0hvIqZVg6bBAgOzXkEYaBRpXx30t49F-_Op260INglKMluDWx358IifIGY-0sa9xIaF2V3opmkU4jElCyLwwntwMF2apK3zrl-98q5svtk8KcVE_23Ez80EfbsMyQx-UnMRxFeIn6RK3wBQaAojM38eI2_s4d7js9q96OOa-sjwh8Rc8AlcEs-r-WBG1pcDYWE2PjMJ6jwZWwr_YO2OZZUdaqqnIv9IYa2m4XSsqYoTrkoWe9C4QneCZZ0bOiJaD5i4YFfMyyVEV591oidB7e4-Hpao4F9gtyxNWVbSYhABEvUZTUk9Tazc2blvDMpOyg48xi_ob3V-fDJ9ig5SmuGA6ROWULiMgdKV21vyZ1p0FVpRCC0Q0RkIGcY8Yi0kpNKEpqR6A55FIAPXHs3y1xoXS9wkRqqgg27PwECA8jlTK9-Qd-K1QyByDdDQ4XaEY-SJEY7CXcf2OabvBdsdvzBitaUmu0S7GQ2f0JZh3x2kCXoPFAl5ahZOn4bdp8LQin4cmdtteo9JifTtyv4-dJg8omgGiXa9k73SZZl9FJ-I8Z5u3SDXq8ZxRJi3nvzIrH0RPNEry39980MErrm2KonVWhINxK5dS52Kozfm55H9r1OryotDqaDS6j0xcvfbV9vwKtwuMQzoGFL5cImmx_A_H73u1_o863I6HWu-R
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H2 200 count
logger.virgul.com/ Frame 9F38 0
116 B 59ms
59ms Ping
image/jpeg 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=initBufferFull&g=h&r=npm_nefisyemektarifleri:n:10710800&o=&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jul 2023 00:40:59 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ Frame 9F38 0
116 B 59ms
59ms Ping
image/jpeg 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=start&g=m&r=npm_nefisyemektarifleri:n:13::10710800&o=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31:185:800-900::&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jul 2023 00:40:59 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ Frame 9F38 0
116 B 59ms
59ms Ping
image/jpeg 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_nefisyemektarifleri:preroll&o=&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jul 2023 00:40:59 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9F38 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nefisyemektarifleri.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9F38 985 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1E02 156 B
575 B 290ms
271ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C21696649314%2Fweb_nyt_preroll_FP3&description_url=http%3A%2F%2Fnefisyemektarifleri.com&env=vp&correlator=2930855222941443&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&ad_type=audio_video&ppid=vnet13e653e29c0745f2b2749cafc9d81d31&cust_params=site%3Dnefisyemektarifleri%26env%3Dweb%26mt%3D1688863256324%26r%3D153182%40site_geneli%40nefisyemektarifleri%3Asite_geneli%26info%3D%26policy%3D0%26targetCtr%3D0%26viewable%3D2%26site%3Dnefisyemektarifleri%26plm%3Dnull%26pid%3Dvnet13e653e2-9c07-45f2-b274-9cafc9d81d31%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%2Ckarabiber%2Ckuru%20so%C4%9Fan%2Cnohut%2Cpul%20biber%2Cs%C4%B1v%C4%B1%20ya%C4%9F%2Csivri%20biber%2Csu%2Ctuz%26nyt_cat%3Dpost%26hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&sdkv=h.3.579.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3738265048&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.579.0&sid=F3F0A8C0-2B82-4E3D-A2D2-75E1D3DEE7C9&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&dlt=1688863255648&idt=2483&dt=1688863259296&scor=3424056153375380&ged=ve4_td3_tt1_pd3_la3000_er551.315.704.615_vi0.0.1200.1600_vp100_eb24427

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.579.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BFDE 42 B
64 B 63ms
63ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsts8yj-jpGdNT-jIAe7uJaYBVBi5XrR1x3JNPSDqK51GPKwOD3SRSaGrQ-5v7cGXfSwGzLDEJ73YXtQy4KmcQkKJoGCoh9MO57g-7tQk3p4QcWblFcBpRyv2jWT1MY2dyH6ftMyO03uRyBBcrFvXzsOFVZ1SSaw9fVB5Hv2L3k&sai=AMfl-YTZuanpEu8SYBuRNgX5pSuTQuJqLkTu68dxzzvevxCZLccyMWBLfPN7AU3EcuhBFx0jHjX575coH-2S8Kb3LLd4W4AXyuYTbv97Dp5i-itar_K7j5jEVQTr4Lc&sig=Cg0ArKJSzF5OVQBvkDBZEAE&cid=CAQSOwBpAlJWgxSrmQM1DsQkPRvwBeNVgyVMKeInEkliN0NnlvW-F8leSkMleSvZwLaZxhnhV0JsdVwawh0hGAE&id=ampim&o=0,251&d=970,250&ss=1600,1200&bs=970,250&mcvt=1004&mtos=0,0,0,1004,1004&tos=0,0,0,1004,0&tfs=716&tls=1720&g=100&h=100&tt=1720&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5e2588d56f82ad050a013c2a
ng2.virgul.com/tck/imp/ Frame 9F38 0
222 B 63ms
63ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5e2588d56f82ad050a013c2a?g=1&t=dfpcode&r=153204@site_geneli@nefisyemektarifleri:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&mt=1688863256324&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:59 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0A34 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJMlbETlt75VUx-Kt9PXu_BGgrMuIBv7fP-4W2Eth46rIiilSgOMgXWgY0Wdd0YRBYTxYXTlgirJOkIAPVSCDsXcx2LSma_u4TrCOcQsZMaGWK7yq0aQz-WgXDYuZsBo1B0R6ZbCDLj0unfYwwZOhYXwqwOFFjVmHDZjdQL-Bz&sai=AMfl-YT0Eqj9XG2jw8uM_3rWhUqijYQX3HISDpgOPTsLHxbh9urxJbH_hNwomOdj7W4mxDS9tl7eN-aWBDg11K60HdUD7xqzZmB-gdYS4NFvuxKN5_6RvpHKZE223VA&sig=Cg0ArKJSzOCFaA6fSuO9EAE&cid=CAQSOwBygQiD3GqPhJ1OibChZSNQGT-w2RvHGc4AuhQicP52kcEMwoqEQdo_BiJCW1F_Z7f_K4Ei33it_L6tGAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1855900369&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688863257683&rpt=894&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 1E02 0
17 B 142ms
141ms Ping
image/gif 2607:f8b0:4008:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ljupktyi&c=4770005594451&slotId=2385002797225.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.579.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4008:814::2003 Riverview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 count
logger.virgul.com/ Frame 9F38 0
116 B 61ms
60ms Ping
image/jpeg 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_nefisyemektarifleri:preroll:1009:&o=&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jul 2023 00:40:59 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ Frame 9F38 0
116 B 61ms
60ms Ping
image/jpeg 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_nefisyemektarifleri:preroll&o=&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jul 2023 00:40:59 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9F38 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nefisyemektarifleri.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1E02 156 B
186 B 203ms
203ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C21696649314%2Fweb_nyt_preroll_FP2&description_url=http%3A%2F%2Fnefisyemektarifleri.com&env=vp&correlator=2930855222941443&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&ad_type=audio_video&ppid=vnet13e653e29c0745f2b2749cafc9d81d31&cust_params=site%3Dnefisyemektarifleri%26env%3Dweb%26mt%3D1688863256324%26r%3D153182%40site_geneli%40nefisyemektarifleri%3Asite_geneli%26info%3D%26policy%3D0%26targetCtr%3D0%26viewable%3D2%26site%3Dnefisyemektarifleri%26plm%3Dnull%26pid%3Dvnet13e653e2-9c07-45f2-b274-9cafc9d81d31%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%2Ckarabiber%2Ckuru%20so%C4%9Fan%2Cnohut%2Cpul%20biber%2Cs%C4%B1v%C4%B1%20ya%C4%9F%2Csivri%20biber%2Csu%2Ctuz%26nyt_cat%3Dpost%26hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&sdkv=h.3.579.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3738265048&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.579.0&sid=F3F0A8C0-2B82-4E3D-A2D2-75E1D3DEE7C9&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&dlt=1688863255648&idt=2483&dt=1688863259604&scor=3424056153375380&ged=ve4_td4_tt2_pd4_la4000_er551.315.704.615_vi0.0.1200.1600_vp100_ts1_eb24427

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.579.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5FBD 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulDePJFuSngnLdnJTPLBzcbwLRF_rEkBi_sjNWkPKviDtNE6nFIoI1qno_vH6A7oOE7UvlOL8G56doG7PHUyrN8Hybv5VO5I4idj8E7NbYeF_lC1_CnGfBvtQSZLnS7D_Uz3mp_zV_YRBp&sai=AMfl-YTd5DKrHAv5f3a0SjA_fFCfjdKxo_dehscAfo2xzqoFTCTOuPeT07c8XdHY6LnAXsoQAWebA9WLAvFWT-cGLxfvFH9LDwLb16tHnHlxFdfcxHu2rxj3PUv7WO8&sig=Cg0ArKJSzM8ANda3HB7xEAE&cid=CAQSOwBpAlJWKjdJoy_HbeuzYQSNYeum1vSYrOyC9ngT49TgUVmCl0erLm2congWHbpxUuCPjgghyLLlP3THGAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4169634498&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688863257819&rpt=789&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 00:40:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5e25888d6f82ad050a0138d8
ng.virgul.com/tck/i_vb2/ Frame 9F38 0
222 B 60ms
59ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5e25888d6f82ad050a0138d8?l=&r=153183@site_geneli@nefisyemektarifleri:site_geneli&cs=1688863259685&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:59 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5e2588ae6f82ad050a013a58
ng.virgul.com/tck/i_vb2/ Frame 9F38 0
222 B 60ms
60ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5e2588ae6f82ad050a013a58?l=&r=153184@site_geneli@nefisyemektarifleri:site_geneli&cs=1688863259685&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:59 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5e2588ae6f82ad050a013a56
ng.virgul.com/tck/i_vb2/ Frame 9F38 0
222 B 60ms
60ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5e2588ae6f82ad050a013a56?l=&r=153185@site_geneli@nefisyemektarifleri:site_geneli&cs=1688863259685&userId=vnet13e653e2-9c07-45f2-b274-9cafc9d81d31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.nefisyemektarifleri.com
date: Sun, 09 Jul 2023 00:40:59 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

POST csi
csi.gstatic.com/ Frame 1E02 0
0

POST
H2 200 count
logger.virgul.com/ Frame 9F38 0
116 B 59ms
59ms Ping
image/jpeg 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_nefisyemektarifleri:preroll:1009:&o=&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jul 2023 00:40:59 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ Frame 9F38 0
116 B 59ms
59ms Ping
image/jpeg 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_nefisyemektarifleri:preroll&o=&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/9/2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jul 2023 00:40:59 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9F38 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nefisyemektarifleri.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nefisyemektarifleri.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET ads
pubads.g.doubleclick.net/gampad/ Frame 1E02 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ljupkv61&c=4770005594451&slotId=2385002797225.5&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C21696649314%2Fweb_nyt_preroll_FP1&description_url=http%3A%2F%2Fnefisyemektarifleri.com&env=vp&correlator=2930855222941443&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&ad_type=audio_video&ppid=vnet13e653e29c0745f2b2749cafc9d81d31&cust_params=site%3Dnefisyemektarifleri%26env%3Dweb%26mt%3D1688863256324%26r%3D153182%40site_geneli%40nefisyemektarifleri%3Asite_geneli%26info%3D%26policy%3D0%26targetCtr%3D0%26viewable%3D2%26site%3Dnefisyemektarifleri%26plm%3Dnull%26pid%3Dvnet13e653e2-9c07-45f2-b274-9cafc9d81d31%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%2Ckarabiber%2Ckuru%20so%C4%9Fan%2Cnohut%2Cpul%20biber%2Cs%C4%B1v%C4%B1%20ya%C4%9F%2Csivri%20biber%2Csu%2Ctuz%26nyt_cat%3Dpost%26hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&sdkv=h.3.579.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3738265048&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.579.0&sid=F3F0A8C0-2B82-4E3D-A2D2-75E1D3DEE7C9&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&dlt=1688863255648&idt=2483&dt=1688863259822&scor=3424056153375380&ged=ve4_td4_tt2_pd4_la4000_er551.315.704.615_vi0.0.1200.1600_vp100_ts0_eb24427

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 17:26:55	Name: APC Value: Aa3gxNo8TKKbJm4AU93h6_5fGlMeSHqCqgInyxPfmwzloA0Lezh3KQ
.doubleclick.net/	1970-01-20 22:29:19	Name: IDE Value: AHWqTUkqV73pxGkwilQTzJL4dzSls67ibok9Pl_G5Iv9S4ObEBO3zRT551w67TGWV4E
.doubleclick.net/	1970-01-20 13:07:46	Name: DSID Value: NO_DATA
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1688863258%2C%22utid%22%3A%22f9c974f5956fba8bfd2e1195c0cee1ac%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.casalemedia.com/	1970-01-20 21:53:19	Name: CMID Value: ZKoCGm7EqBWujoB1wBvybQAA
.casalemedia.com/	1970-01-20 15:17:19	Name: CMPS Value: 2130
.casalemedia.com/	1970-01-20 15:17:19	Name: CMPRO Value: 2130
.de17a.com/	1970-01-20 21:46:07	Name: guid Value: 1.7480538676947842609
.turn.com/	1970-01-20 17:26:55	Name: uid Value: 2326347084678907327
.bidswitch.net/	1970-01-20 21:53:19	Name: c Value: 1688863258
.bidswitch.net/	1970-01-20 21:53:19	Name: tuuid_lu Value: 1688863258
.bidswitch.net/	1970-01-20 21:53:19	Name: tuuid Value: 767a5db1-3031-438c-8158-c977861112a3
.lijit.com/	1970-01-20 21:53:19	Name: ljt_reader Value: G8vIrGZHn5eb0xpRQ2OusBnI
.simpli.fi/	1970-01-20 21:54:45	Name: suid Value: 8AC69B0BFDB4484A9CA87824C94F5FD9
.tribalfusion.com/	1970-01-20 15:17:19	Name: ANON_ID Value: aPnoeUwZcF1voXarrecXfyYqqqSXaZbd2VndVxPZdZbT
.bidswitch.net/	1970-01-20 13:07:43	Name: google_push Value: AaAOQGG9FGj1WEZxX3XwgA_YpmYboMviQqFvs6fQH6JJN_p-RCmQvfriClrnNHLKIXETf0lIGEq7NnjOMgpGCmhsHGMiC72erGLH
.adform.net/	1970-01-20 13:52:21	Name: C Value: 1
.travelaudience.com/	1970-01-20 22:39:24	Name: _tracker Value: %7B%22UUID%22%3A%22A2B7D32F-C76C-4473-9D33-071B5CDFDEB7%22%7D
.w55c.net/	1970-01-20 22:39:24	Name: wfivefivec Value: 3tVNq2EJ1QiitY5
.mathtag.com/	1970-01-20 13:50:55	Name: mt_mop Value: 4:1688863258
.adform.net/	1970-01-20 14:34:07	Name: uid Value: 3228498774528257775
.yahoo.com/	1970-01-20 21:53:40	Name: A3 Value: d=AQABBBoCqmQCELnzFjFKrfSJT7ewSFrunm4FEgEBAQFTq2SzZAAAAAAA_eMAAA&S=AQAAAr8BqFHAB685dM-MhAjIC2I
.w55c.net/	1970-01-20 13:50:55	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-20 21:53:19	Name: everest_g_v2 Value: g_surferid~ZKoCGgAAoR6x7gBa

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688863256512&bpp=4&bdt=864&idt=219&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&nras=1&correlator=4770005594451&frm=24&ife=1&pv=2&ga_vid=21520935.1688863256&ga_sid=1688863257&ga_hid=2011909801&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075643%2C44785292%2C44788442%2C44796479&oid=2&pvsid=1674499439926752&tmod=1383711997&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.w36ovlukm9ku&fsb=1&dtd=234 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax.amazon-adsystem.com
ad.turn.com
ads.travelaudience.com
ads.w55c.net
adservice.google.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
bid.g.doubleclick.net
bitbeat7.com
c.amazon-adsystem.com
c.nefisyemektarifleri.com
c1.adform.net
c1.imgiz.com
cdn.ampproject.org
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
cti.w55c.net
d5p.de17a.com
dclk-match.dotomi.com
e32da42f507def89eb53267abf817ba8.safeframe.googlesyndication.com
encrypted-tbn2.gstatic.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
i.nefisyemektarifleri.com
i.w55c.net
i2.nefisyemektarifleri.com
imasdk.googleapis.com
istr-n23.nktcdn.com
istr.izlesene.com
logger.virgul.com
match.adsrvr.org
mn.nytcdn.com
ng.virgul.com
ng2.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
panel.izlesene.com
pcloak.blob.core.windows.net
pghub.io
pixel.rubiconproject.com
placehold.jp
pm.w55c.net
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
r.turn.com
r2---sn-4g5ednkl.c.2mdn.net
r2---sn-4g5ednsr.c.2mdn.net
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.virgul.com
sync-tm.everesttech.net
sync.mathtag.com
t.hspvst.com
tpc.googlesyndication.com
um.simpli.fi
www.cloakan.co
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nefisyemektarifleri.com
x.bidswitch.net
csi.gstatic.com
pubads.g.doubleclick.net
108.138.1.25
108.138.9.235
15.197.193.217
151.101.2.49
154.58.197.185
160.16.238.49
172.217.18.2
173.194.76.156
18.66.147.114
185.29.134.248
185.7.176.221
185.7.176.222
185.7.176.223
185.7.176.4
185.80.39.216
20.60.220.36
2001:4860:4802:38::178
2001:678:cb4:bbbb::11
213.155.156.168
216.52.2.16
2600:9000:2057:6a00:1b:5138:8a40:93a1
2600:9000:2251:6800:3:4706:a6c0:93a1
2600:9000:2491:9000:1b:f040:3600:93a1
2606:4700:10::6814:e66f
2606:4700::6812:18ad
2607:f8b0:4008:814::2003
2a00:1450:4001:29::7
2a00:1450:4001:802::200a
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:401e:28::7
2a02:fa8:8806:20::2040
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3605:dd30:da7f:d6fe:8bcf
2a06:98c1:3121::3
3.120.19.26
31.3.2.88
34.102.243.38
35.156.133.126
35.186.253.211
35.190.0.66
35.204.158.49
35.241.45.217
37.157.2.229
51.89.9.253
52.29.25.103
69.173.144.138
77.245.159.14
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
02e7535563110e913669c43b9233db020deb9a4b0eaff84ab9de1b55b8ad21c4
04ecc5072f5817c57f5ac22537748cc4715212791d3921aa30394f8ccf2b3641
06a4f350efd2f7070d82b804276d816dee436bc13c2d5cdd33960892090dbd17
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fd0e821ef47075614e9500f81f2077fef9be630b5a63bd40a10b7922026aed7
1391ee29d055d15dd90f31f08dd272387c4782515e0e2e7fc75df309fea0197d
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fe8f37df09fbf7be378ea021b1fd01c63c9a2cb3f071718a56b65a8c6dac6ba
23400831f9cf1f1a16cf5b5cb62db416c87cdf98ef103475fd16b2237289b288
27897bc609e2bcb7e25d7114b3f1ec7bc2466209f9dbd2587eed662acdd70cac
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3625ea6f0ae28d039eaa7d379f304d45f396f9c6bcddcb3724ffd59faa690ab2
37a301845bb8112d2bf4f3f02b07dc9b4bb6dd7a289b4c4414ff567bc5cdcc96
38312b284a104dfa32e4ecfe73f542a66e04fb259e9bcd5e581e45bdeb677487
3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3b9166033e13e81c852194510ca321d03a0f3e0f8196cc84858c874a32a0adf4
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4621960c2ce01b405da6b6652f322bd8904f3e0d867daf7db9dd5d5ad6cc6491
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47d8199865dfcfbad460b752d8a5ce4b85dfdf3f46d2d1bc3ef1715909caed5e
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d77fe1a9555985d6d3981209d00dbe2d28208cb42917322b57ec2f73b6e075b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53df9c53aafbe70bf85c288f1baa06c1464fbe7e8d4b3feb4f2e91fd4018e58b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5bdd101f8bf9c73d54cfae7eca6016be98e6372257ba48a7d33d1fcd27eb4825
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
6053f47d2a9ed62ddef49dd170fcee1577cc6ccddf30f9875b55fa239a8f0483
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64bba7358df0b70cff3572ee3e5a2eee51ae741c86167cd529bc7af0e15682a6
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2
6b9df9c8837f7ec64225d7a66e9fb9dee225d35004d57a7da1472fc1adb7a7f7
6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2
70460193365617fd3ac5ce9553db7851827830545f8e053c28c727746fff4842
70b9f9cb8f1feda701490e7fa560a0a2e0309ef259f9d74b301c9712e56efa56
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7876391f25f26ccf3297d78d34a1922dcc16c54fcaa51e8622e90bbc6fc96e80
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7b6ad08a66b7925e557e069b9c9fcab676f04fbc22535b7b12c0d8eca8d48803
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7ef7148f577d4b8db5481c0c82ec42fc53e2b2d3c7f83b2662977759f58477ea
817692600c883f0a924c19d8f23bb0497d710f6ed0b662e6eba4f8054446de12
8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db
82ee1e40c5621a84f4cd861d9d7212c7bb94ffde5bdf1bc8cb1f4e32dff9c4e0
886a2ff3ff2a76e50d8387582d03539c71d06dbd4314cd8cc955ea08b5cf752f
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2cea2ce8e18b163bc9f8f326eebb51f4b2436a5b7afac412330bbaf0e9581c
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
94cd90bf2dbf4193f0c22cb7bcb64f0c5539857c403549d8ef6eef6fd058b3fb
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b279f62d8ab632481b6d6fda4c49c8b9ee7fd77988c13e4b8baa7007d37b10c
9ef6bcec53afcb2f28701c02a39cd3e0c767b3f61c5d472611b913122f9a92ba
9f4c7f9d84c397947c6ac90a5e4f8cb251afd266e8ffa727cde8975e3b783c0e
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
a0314d7ab2bc19fbc234a2399a3c0d0d763649799ad6b166c222c6493ce1c79e
a1247b5c869ddd4b96f796ad1180bc1198a6faef5abf4f20d610963e5d9eb99d
a2ff6717bd218c66ffde415472bdaf58a1384725840a862a466317727eaaab1b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a883e74d2f7c31294beaf47eb691d0fa07414cc3ef857e53b768960c94f23a31
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
add347e23d6d68d50f456f663e081078bf03026f868ca4aa31e6b0f8f5354e01
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6e72f4a20534c16961d7e632550425a47db3b94b00045cd912ec263e8c9bfd9
ba1467a1a64c9c26660dfbe269f639545fec5ee6da13770ba5a1224178cb92b2
bafff6290b412ffe80864a85d2fb8806f78ae228078eee0e1edfcaa651698ec9
bb18af60192870daa88455c18c62bfcf294e61a63bd48f1a754905f39ad6c817
bcd3ea17cbf6c1c1e8b723ac4013c9f23c5ec57085b27a38b3ac59f401890591
bd4d8b7f56b06140ad3542041b66f635d9cbd4e0da6cc7d17a0e16d014aa2498
bd5560109b9a45496e990f32b80084072cd174105c74537f08986ad44e6ab6b9
be0ea84c0a3e0441d58b3f2c4178347ef79f45543aa300b8d1006c8ea39b24db
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c81a7c3306e7400025b41acefc4906eddaf2d0e9763711263785988e25a73218
c8781b5c61ff8a63f9f9c3a72d809585cba0dc277848ec538739649dc54b9404
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cde2d86c6323204b3e715d09b58ab41ecf370b5a10cb1d61fa76b77e0a0a75c0
ce0b11a691f08e3b088bfb617d970b6b4f80f67b5e8a17dca8681f6befbc7b3d
ce1f77892412721157337d3b66628b2defbed37fdc1cac935fda4155e34b9417
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1d2ab2b46dd1c66d08fe60b3390d4bb1f06b9e2e35576d2100c535f237cc349
d3002e63c4d3d76bb53d4618f047d2c0a50b692602ea8d6f19ef19bd1dfade34
d4167f83dc2b269d95736e40ae9860c4ec5194fa641c2cfbc85473c82f6b4245
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
dd5ce63c1c040faef7b77ac6b9d94224ff31c44f2e758d6ef565bcfd378847c3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0757fc98355b7ff4d0bdc506c1ef2aa69aac074686194c2e7690ffdc913035a
e172c259c4e34fdaf39a013cc389a24f90d59cacdf6536f2e92a1e3a6e7eccbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cdd75780a94938ccfcb51bfae2c4a6d208bdd4c0678ba656b5e0ac7f34ac1c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
eb90e7e62356f01c39599caf410f7a3da61beabc98f984fe1c73cd54b64566f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09380b3dad001a4769894d45e348df559c8c546b07bb11c335adf51e7e35e2d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7709291e1d9e78fc75ff802ab7090e1c9e605b5e1ed0bf4da785b6edd919f45
f86c74a7863cd1fa2343f0371ccbac47085bdb301f0df1785c5a4337bd044d24
f99bc745cc2417fc3b9fa7813042d516d77385fdbf5e95ef870f2c1afcec9b6c

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

270 Requests

89 %HTTPS

52 %IPv6

45 Domains

74 Subdomains

52 IPs

10 Countries

7698 kBTransfer

15175 kBSize

25 Cookies

0 Outgoing links

Redirected requests

270 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

270
Requests

89 %
HTTPS

52 %
IPv6

45
Domains

74
Subdomains

52
IPs

10
Countries

7698 kB
Transfer

15175 kB
Size

25
Cookies

270 HTTP transactions
10 data transactions