URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_A...
Submission: On July 11 via api from TR — Scanned from DE

Summary

This website contacted 60 IPs in 12 countries across 51 domains to perform 317 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
10 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 31.3.2.72 21245 (MEDIANOVA...)
27 185.7.176.221 42910 (PREMIERDC...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
40 2a00:1450:400... 15169 (GOOGLE)
3 108.138.37.209 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f17... 32934 (FACEBOOK)
14 2a00:1450:400... 15169 (GOOGLE)
1 35.241.45.217 15169 (GOOGLE)
1 18.173.159.32 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 185.7.176.222 42910 (PREMIERDC...)
4 99.84.88.66 16509 (AMAZON-02)
1 34.102.243.38 396982 (GOOGLE-CL...)
2 160.16.238.49 9370 (SAKURA-B ...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
1 2600:9000:26d... 16509 (AMAZON-02)
1 154.58.197.185 174 (COGENT-174)
2 7 2a00:1450:400... 15169 (GOOGLE)
8 39 172.217.18.2 15169 (GOOGLE)
3 7 185.80.39.216 27381 (CASALE-MEDIA)
4 6 185.89.210.90 29990 (ASN-APPNEX)
4 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.13.154 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.248.62.209 16509 (AMAZON-02)
3 6 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
5 5 198.47.127.19 3257 (GTT-BACKB...)
3 4 51.89.9.252 16276 (OVH)
3 3 18.203.168.4 16509 (AMAZON-02)
6 6 46.228.174.117 56396 (AMOBEE)
1 185.7.176.4 42910 (PREMIERDC...)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2 37.157.6.237 198622 (ADFORM)
2 2 13.248.245.213 16509 (AMAZON-02)
1 2 23.192.153.28 16625 (AKAMAI-AS)
1 2 52.212.148.89 16509 (AMAZON-02)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
1 1 69.173.144.165 26667 (RUBICONPR...)
3 3 18.192.77.207 16509 (AMAZON-02)
1 1 185.29.132.245 30419 (MEDIAMATH...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.168 1299 (TWELVE99 ...)
2 35.227.252.103 15169 (GOOGLE)
1 185.86.139.102 201081 (SMARTADSE...)
4 142.250.185.130 15169 (GOOGLE)
1 213.202.235.9 24961 (MYLOC-AS ...)
1 178.250.1.9 44788 (ASN-CRITE...)
1 3.75.62.37 16509 (AMAZON-02)
3 2600:9000:26d... 16509 (AMAZON-02)
6 2600:1f13:800... ()
1 2 185.7.176.223 42910 (PREMIERDC...)
317 60
Apex Domain
Subdomains
Transfer
82 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
696 KB
70 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
bid.g.doubleclick.net — Cisco Umbrella Rank: 810
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346
443 KB
29 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 325
gcdn.2mdn.net — Cisco Umbrella Rank: 1112
r1---sn-4g5ednss.c.2mdn.net
3 MB
27 virgul.com
static.virgul.com — Cisco Umbrella Rank: 81866
ng.virgul.com — Cisco Umbrella Rank: 65490
ng2.virgul.com — Cisco Umbrella Rank: 74231
logger.virgul.com — Cisco Umbrella Rank: 84088
246 KB
12 gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
234 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 951
static.adsafeprotected.com — Cisco Umbrella Rank: 624
dt.adsafeprotected.com
101 KB
10 google.com
ampcid.google.com — Cisco Umbrella Rank: 2261
adservice.google.com — Cisco Umbrella Rank: 113
www.google.com — Cisco Umbrella Rank: 10
2 KB
10 nytcdn.com
mn.nytcdn.com — Cisco Umbrella Rank: 431099
186 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
5 KB
7 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 500
fonts.googleapis.com — Cisco Umbrella Rank: 88
598 KB
6 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 893
s.tribalfusion.com — Cisco Umbrella Rank: 1946
3 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
secure.adnxs.com — Cisco Umbrella Rank: 469
5 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
337 KB
6 nefisyemektarifleri.com
www.nefisyemektarifleri.com — Cisco Umbrella Rank: 320439
i.nefisyemektarifleri.com — Cisco Umbrella Rank: 406978
i2.nefisyemektarifleri.com — Cisco Umbrella Rank: 498374
c.nefisyemektarifleri.com
156 KB
5 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 812
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 613
3 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 857
1 KB
4 bitbeat7.com
bitbeat7.com — Cisco Umbrella Rank: 445250
36 KB
4 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 136022
133 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 438
62 KB
4 windows.net
pcloak.blob.core.windows.net
3 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
1 KB
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2409
1 KB
3 w55c.net
cti.w55c.net — Cisco Umbrella Rank: 4192
ads.w55c.net — Cisco Umbrella Rank: 12943
i.w55c.net — Cisco Umbrella Rank: 2590
67 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
297 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 982
348 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5037
647 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1425
449 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 422
957 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 862
819 B
2 izlesene.com
panel.izlesene.com — Cisco Umbrella Rank: 982144
istr.izlesene.com — Cisco Umbrella Rank: 357056
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1372
1 KB
2 placehold.jp
placehold.jp — Cisco Umbrella Rank: 350090
4 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 2090
feed.pghub.io — Cisco Umbrella Rank: 2360
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
156 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
158 KB
2 cloakan.co
www.cloakan.co
742 B
1 nktcdn.com
istr-n23.nktcdn.com
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 608
363 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11731
60 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 922
45 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 577
729 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
460 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777
586 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 44074
610 B
1 hspvst.com
t.hspvst.com — Cisco Umbrella Rank: 188023
922 B
1 google.de
ampcid.google.de — Cisco Umbrella Rank: 52173
377 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
317 51
Domain Requested by
40 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
www.nefisyemektarifleri.com
s0.2mdn.net
www.googletagservices.com
securepubads.g.doubleclick.net
39 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
www.nefisyemektarifleri.com
35 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
imasdk.googleapis.com
pcloak.blob.core.windows.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
26 s0.2mdn.net 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
pcloak.blob.core.windows.net
imasdk.googleapis.com
s0.2mdn.net
www.nefisyemektarifleri.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
www.nefisyemektarifleri.com
12 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
10 ng.virgul.com static.virgul.com
www.nefisyemektarifleri.com
ng2.virgul.com
10 mn.nytcdn.com www.nefisyemektarifleri.com
mn.nytcdn.com
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 www.google.com 2 redirects 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 ng2.virgul.com static.virgul.com
www.nefisyemektarifleri.com
7 static.virgul.com www.nefisyemektarifleri.com
static.virgul.com
pcloak.blob.core.windows.net
6 dt.adsafeprotected.com 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
6 www.googletagservices.com googleads.g.doubleclick.net
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
5 image6.pubmatic.com 5 redirects
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
5 imasdk.googleapis.com c1.imgiz.com
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
imasdk.googleapis.com
4 googleads4.g.doubleclick.net pcloak.blob.core.windows.net
4 sync.1rx.io 4 redirects
4 onetag-sys.com 3 redirects 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
4 csi.gstatic.com imasdk.googleapis.com
4 bitbeat7.com ng2.virgul.com
www.nefisyemektarifleri.com
bitbeat7.com
4 c1.imgiz.com static.virgul.com
c1.imgiz.com
www.nefisyemektarifleri.com
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
3 logger.virgul.com c1.imgiz.com
3 static.adsafeprotected.com fw.adsafeprotected.com
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 match.360yield.com 3 redirects
3 s.tribalfusion.com www.nefisyemektarifleri.com
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
3 a.tribalfusion.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 www.facebook.com www.nefisyemektarifleri.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
2 rtb.openx.net 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
2 d5p.de17a.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 um.simpli.fi 2 redirects
2 fw.adsafeprotected.com 1 redirects pcloak.blob.core.windows.net
2 sync.teads.tv 1 redirects www.nefisyemektarifleri.com
2 eb2.3lift.com 2 redirects
2 c1.adform.net 2 redirects
2 cms.quantserve.com 1 redirects 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
2 sync.targeting.unrulymedia.com 2 redirects
2 r1---sn-4g5ednss.c.2mdn.net www.nefisyemektarifleri.com
2 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
2 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
2 placehold.jp www.nefisyemektarifleri.com
bitbeat7.com
2 adservice.google.com securepubads.g.doubleclick.net
2 connect.facebook.net pcloak.blob.core.windows.net
connect.facebook.net
2 c.nefisyemektarifleri.com www.nefisyemektarifleri.com
2 www.googletagmanager.com www.nefisyemektarifleri.com
www.googletagmanager.com
2 i.nefisyemektarifleri.com www.nefisyemektarifleri.com
2 www.cloakan.co pcloak.blob.core.windows.net
1 istr-n23.nktcdn.com www.nefisyemektarifleri.com
1 istr.izlesene.com 1 redirects
1 ups.analytics.yahoo.com 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
1 dis.criteo.com 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
1 m.exactag.com 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 secure.adnxs.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 panel.izlesene.com c1.imgiz.com
1 dsp.adfarm1.adition.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 i.w55c.net 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 t.hspvst.com 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
1 ads.w55c.net 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
1 cti.w55c.net 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 feed.pghub.io pghub.io
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 pghub.io static.virgul.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 www.google-analytics.com www.googletagmanager.com
1 i2.nefisyemektarifleri.com www.nefisyemektarifleri.com
1 www.nefisyemektarifleri.com www.cloakan.co
317 82

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02
2023-03-22 -
2024-03-22
a year crt.sh
cpanel.cloakan.co
R3
2023-07-03 -
2023-10-01
3 months crt.sh
*.nefisyemektarifleri.com
Thawte RSA CA 2018
2022-06-24 -
2023-07-25
a year crt.sh
nytcdn.com
E1
2023-05-17 -
2023-08-15
3 months crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-24 -
2023-09-28
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-04-20 -
2023-07-19
3 months crt.sh
*.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.google.de
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1
2023-02-09 -
2024-02-08
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-27 -
2023-09-09
a year crt.sh
bitbeat7.com
Amazon RSA 2048 M01
2023-02-28 -
2023-12-02
9 months crt.sh
placehold.jp
R3
2023-07-01 -
2023-09-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.w55c.net
Amazon RSA 2048 M02
2023-05-29 -
2024-06-25
a year crt.sh
*.hspvst.com
Gandi Standard SSL CA 2
2022-12-12 -
2023-12-09
a year crt.sh
www.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.izlesene.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-05 -
2024-08-04
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA
2022-08-19 -
2023-09-15
a year crt.sh
*.c.docs.google.com
GTS CA 1C3
2023-07-04 -
2023-09-12
2 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-12 -
2023-08-10
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-02-21 -
2023-08-16
6 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-09 -
2024-06-06
a year crt.sh

This page contains 41 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Frame ID: 2A21EF5D16FEC05D7DA9EAE9B892AC7A
Requests: 6 HTTP requests in this frame

Frame: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Frame ID: 82A32B119C15ECF067D52FEDCB00EA4B
Requests: 78 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 7549DC5BC0C3689316E393BB45817AE6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230710/r20190131/zrt_lookup.html
Frame ID: CA7A2BC969BE65F4A2B490C2168A0541
Requests: 1 HTTP requests in this frame

Frame: https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Frame ID: 3798C45E10E2F2BED5A3689693215B2B
Requests: 2 HTTP requests in this frame

Frame: https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1689115883874&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&vmn=5e73154be4b0016313fa90d5___154248-194842644
Frame ID: 44A0BBD5B45CFBE804D2D77427A4EFE3
Requests: 4 HTTP requests in this frame

Frame: https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Frame ID: 23C7AB026EED5E5D7B6B252BAC56BE21
Requests: 2 HTTP requests in this frame

Frame: https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1689115883874&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&vmn=5e73154be4b0016313fa90d5___154248-1948426442
Frame ID: BCAD84A553E1C4561A5BDBE6D85C6589
Requests: 4 HTTP requests in this frame

Frame: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1507D6A0C57626E992C91E272402111F
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 8B39D89ED132571B4D4D7086A9C34665
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115883954&bpp=4&bdt=683&idt=219&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&nras=1&correlator=3311523031480&frm=24&ife=1&pv=2&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.i0yur3un8s5j&fsb=1&dtd=232
Frame ID: F50D1516B3FB8412E686566B7C7E0C9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Frame ID: E18385A1016F8FCD22C2479A67D28F06
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 663AB51BCF0FDCDF0A30196E7D2A7535
Requests: 1 HTTP requests in this frame

Frame: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C278499CEADFAE1C0A269A530DC34CF9
Requests: 19 HTTP requests in this frame

Frame: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AA0EC663BE1BA659AE6C0289CA33B69B
Requests: 12 HTTP requests in this frame

Frame: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 09D272381A592BAB455ACFC432E7986A
Requests: 13 HTTP requests in this frame

Frame: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 63EC114CAF927564E9353CC0640CDF20
Requests: 21 HTTP requests in this frame

Frame: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D5D011EB06C63DFC2C63238484EF86E0
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhjFzOfbATAB&v=APEucNUt-QpygHiaz4OZ-f-2k7fVqARrtJWGkw3sE1Z4g8rV44e2BqTkT0iZyxUImRryeo_GgnN0qriWbJA0FfU9OF6B5wCzqkI5gie_ayqaQIiiYAJUmVj-P_jShAii0hQMkZw3QSYsnBH4EdvSIlOFHdAuHLXMbAcn_2ueJ1yHF6MOHOfij2A
Frame ID: 51D99FE021443729E14923CC6C018AB3
Requests: 5 HTTP requests in this frame

Frame: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 276C16083EB14F4CFFCFF6E0AF042490
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGPjkxe8BMAE&v=APEucNW0mhUJ4LlfMtwmf-p63pxMsTBl1JIKQ4unzFa-OgeNHi6DwSSvSk-D5EbaD8QrUVmxP2LZeEuarUXgzt0_jW8JpWSzsgkerCRxWnCphHYZzgjMBtwrAecUe6Tr3NF0HB5m2B7dJF-kkBxalh6O253KUoNpfVc4jz5lq9Zw80lIHo44X7I
Frame ID: BDBE0778007B79279971684A9ACD287B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 179BED37E4F581E05073B6FD342B2846
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B4923EA206B41AAB0429DF3B5B471E0D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BFAB7D3D78994C6864CE525BC9C02116
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 1F744AADF2AF5F8E4377719E55199D43
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EA60BC6620C54F6B3C9B7A8A76838C35
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DEBCE1BAEE40224C84BD75F0E4E99D3A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B3EF65F4D37F75410210853ADE1806A3
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.580.0_en.html
Frame ID: F7FC6CD4C3E4B30F52E973D644E8C661
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2ADD1B016302CD6C45DB2AC32EE9661E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 249D8ED40517959A019A5526BDA48325
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3772DDA2540A663C014F4C358E0AD397
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
Frame ID: 942DC111516BD4B3D0E9248E1CDCEE4F
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B69B05E3916C5396AF346874C8ADB5D0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5ADD48C804DCE3565C523FA10C749EA3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
Frame ID: 9B2A8353A458AFB80AE07674DB12E666
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9B6C905BB450E632BE2285ED1A500B16
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 8AE312FA0FF9BD4ABF45774C6AFDDD03
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Frame ID: 4C62DF77DF9537630C82F9D460436F03
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF36E84AF4D779ACCB83102E5E05AF88
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F55F80E9B5859F3E54006E4902C9560C
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

317
Requests

85 %
HTTPS

45 %
IPv6

51
Domains

82
Subdomains

60
IPs

12
Countries

6501 kB
Transfer

14106 kB
Size

37
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODKz-eDfhCwCRiwCTIIjV9upJawnso HTTP 301
  • https://tpc.googlesyndication.com/simgad/12902815231273958923
Request Chain 126
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1
Request Chain 127
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZK3c7JItjehVWzs..FW3SAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1&google_hm=2
Request Chain 128
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN1_Ha_Sz1iFHuWeOKfGaU8&google_cver=1
Request Chain 129
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1
Request Chain 162
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZK3c7JItjehVWzs..FW3SAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1&google_hm=2
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN1_Ha_Sz1iFHuWeOKfGaU8&google_cver=1
Request Chain 164
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D
Request Chain 176
  • https://gcdn.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720651885/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/0858F1F2CF540A5694C00E412379216B567DF259.50B67ACCD6E074DE8290EEEE6D0EF5F2D15711F2/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5ednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720651885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1A47E32EE2C09EDF53A23C49736E02321F89D9EB.754592A5F564A60B8E05BF64B1C683669516B57B/key/cms1/cms_redirect/yes/mh/xb/mip/2001:1b60:1010:2:1012:39f8:745c:d74/mm/42/mn/sn-4g5ednss/ms/onc/mt/1689115415/mv/u/mvi/1/pl/29/file/file.mp4
Request Chain 186
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECxj97dEpEbQOtd_-hVjwt8&google_cver=1&google_push=AaAOQGFuV8TDkZnJrLba8xEqkhT6Rbxp09FV1BdLv4O8V2wOGk7rC4uth-jP-dtq5QbzlqKUIl34XhaGYgJsUFbI45e9WI2owuHJTw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFuV8TDkZnJrLba8xEqkhT6Rbxp09FV1BdLv4O8V2wOGk7rC4uth-jP-dtq5QbzlqKUIl34XhaGYgJsUFbI45e9WI2owuHJTw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECxj97dEpEbQOtd_-hVjwt8&google_cver=1&google_push=AaAOQGFuV8TDkZnJrLba8xEqkhT6Rbxp09FV1BdLv4O8V2wOGk7rC4uth-jP-dtq5QbzlqKUIl34XhaGYgJsUFbI45e9WI2owuHJTw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFuV8TDkZnJrLba8xEqkhT6Rbxp09FV1BdLv4O8V2wOGk7rC4uth-jP-dtq5QbzlqKUIl34XhaGYgJsUFbI45e9WI2owuHJTw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 187
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECJsILMId5rW8dsgw4L83jg&google_cver=1&google_push=AaAOQGEqMUY4VR3S_EKQSdzEefO7EGBmfk7Q4UrzzbM5FYaKX1nuq60oc4BxjAlfFsDM9-ABQ-1bnXTq1XRXmyULoKgZL29ZFcvhSg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEqMUY4VR3S_EKQSdzEefO7EGBmfk7Q4UrzzbM5FYaKX1nuq60oc4BxjAlfFsDM9-ABQ-1bnXTq1XRXmyULoKgZL29ZFcvhSg&google_hm=4QgSJvLfQA6xgyGMiOtDcbc
Request Chain 188
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMezLPIF41N67ll2BMddKS4&google_cver=1&google_push=AaAOQGGKxUXUqc7gr9QzAVY0NtWhw5wegTMUCb2Hq-7AuMUb3H4F9EXNZFcUMK1qZSyiuU14DnUJ5QOYrzggmDMWR_JxgsanMGU8Xw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NDY5NzQ4NTIzMjg5NjE1MQ%3D%3D&google_push=AaAOQGGKxUXUqc7gr9QzAVY0NtWhw5wegTMUCb2Hq-7AuMUb3H4F9EXNZFcUMK1qZSyiuU14DnUJ5QOYrzggmDMWR_JxgsanMGU8Xw
Request Chain 189
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBIOMXEjg6GFzndS56UxOEQ&google_cver=1&google_push=AaAOQGHaHq6xZmvN-SNBkwP2SKKF5Qxke8dn8bMtZ1To2QQJ-A5sQwsYHCHiQrBLV2R_eBDx7qWpFQ6J4S0MccySlM0Z19YDmIwJ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBIOMXEjg6GFzndS56UxOEQ&google_cver=1&google_push=AaAOQGHaHq6xZmvN-SNBkwP2SKKF5Qxke8dn8bMtZ1To2QQJ-A5sQwsYHCHiQrBLV2R_eBDx7qWpFQ6J4S0MccySlM0Z19YDmIwJ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GaKNndidRR-jveUq6OgFrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHaHq6xZmvN-SNBkwP2SKKF5Qxke8dn8bMtZ1To2QQJ-A5sQwsYHCHiQrBLV2R_eBDx7qWpFQ6J4S0MccySlM0Z19YDmIwJ
Request Chain 190
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGoBeAkuCV-8nkdNvGGjDt8&google_cver=1&google_push=AaAOQGEm_ezOVfQjQGyFYBIXoDHjMiii0F77dAJOqKFO1v5T7HXIQoDDr8G-JX__Ssc5w50cFF8BvjKvp2NRlGXi0exYKd40xqQkgg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEm_ezOVfQjQGyFYBIXoDHjMiii0F77dAJOqKFO1v5T7HXIQoDDr8G-JX__Ssc5w50cFF8BvjKvp2NRlGXi0exYKd40xqQkgg
Request Chain 191
  • https://match.360yield.com/match/ebda?google_gid=CAESEBmIT6GWn9D83sZQtSa_KwM&google_cver=1&google_push=AaAOQGG3P15tewfWiyYDW5nnztivslyKwI8X1JpyJD3Drt762EkZp6XMXGAiJQSRYcOx41JRkWNfcevBqX91_Q63EQ-dcG-z1peFog HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBmIT6GWn9D83sZQtSa_KwM&google_cver=1&google_push=AaAOQGG3P15tewfWiyYDW5nnztivslyKwI8X1JpyJD3Drt762EkZp6XMXGAiJQSRYcOx41JRkWNfcevBqX91_Q63EQ-dcG-z1peFog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dGMJ18AAQxumdCjJzDMIpQ&google_push=AaAOQGG3P15tewfWiyYDW5nnztivslyKwI8X1JpyJD3Drt762EkZp6XMXGAiJQSRYcOx41JRkWNfcevBqX91_Q63EQ-dcG-z1peFog
Request Chain 192
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEILi9-X2egRsxJxQso_kJmg&google_cver=1&google_push=AaAOQGF-14aP1L_FDcTHj5dy11VoPduARQuhVDVp9wAH3CFdW1IQyBCnTOOGX6xigRfA_Gjv3x2ol_mjMmun0DssZoWsiI48tCCO HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGF-14aP1L_FDcTHj5dy11VoPduARQuhVDVp9wAH3CFdW1IQyBCnTOOGX6xigRfA_Gjv3x2ol_mjMmun0DssZoWsiI48tCCO&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1689115885244 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d31a465d-2612-4819-880a-62be39e763be-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGF-14aP1L_FDcTHj5dy11VoPduARQuhVDVp9wAH3CFdW1IQyBCnTOOGX6xigRfA_Gjv3x2ol_mjMmun0DssZoWsiI48tCCO%26google_hm%3DA9MaRl0mEkgZiApivjnnY74 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGF-14aP1L_FDcTHj5dy11VoPduARQuhVDVp9wAH3CFdW1IQyBCnTOOGX6xigRfA_Gjv3x2ol_mjMmun0DssZoWsiI48tCCO&google_hm=A9MaRl0mEkgZiApivjnnY74
Request Chain 207
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENq0E6ZTNyMf8CcDGzF9Z20&google_cver=1&google_push=AaAOQGGWOs6zze_rTObWH9thpSRamw4xTx8tGkePHzvHJI_AK_IcU8NpgImLSBc1hCbFPTBLTdmtMbWPF2R3Vi8mM8NFL0S7N0wyWA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGWOs6zze_rTObWH9thpSRamw4xTx8tGkePHzvHJI_AK_IcU8NpgImLSBc1hCbFPTBLTdmtMbWPF2R3Vi8mM8NFL0S7N0wyWA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENq0E6ZTNyMf8CcDGzF9Z20&google_cver=1&google_push=AaAOQGGWOs6zze_rTObWH9thpSRamw4xTx8tGkePHzvHJI_AK_IcU8NpgImLSBc1hCbFPTBLTdmtMbWPF2R3Vi8mM8NFL0S7N0wyWA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGWOs6zze_rTObWH9thpSRamw4xTx8tGkePHzvHJI_AK_IcU8NpgImLSBc1hCbFPTBLTdmtMbWPF2R3Vi8mM8NFL0S7N0wyWA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 208
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFeC7lRQDk8aakQfh9C8WmE&google_cver=1&google_push=AaAOQGF8VJty8-BksnGJ4uSzW-FA_IQpV8e5Ojujlz-FrS4o9AyryliNGV7KSglq8behX7P8PjeeLv5FBXqHNmiDSmDP6wd8UdP77A HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFeC7lRQDk8aakQfh9C8WmE&google_cver=1&google_push=AaAOQGF8VJty8-BksnGJ4uSzW-FA_IQpV8e5Ojujlz-FrS4o9AyryliNGV7KSglq8behX7P8PjeeLv5FBXqHNmiDSmDP6wd8UdP77A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE5MzU5MTgyMjAxNjMzMjk1Nw&google_push=AaAOQGF8VJty8-BksnGJ4uSzW-FA_IQpV8e5Ojujlz-FrS4o9AyryliNGV7KSglq8behX7P8PjeeLv5FBXqHNmiDSmDP6wd8UdP77A
Request Chain 209
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIGnMY19IZfbbyaXrMdW3tY&google_cver=1&google_push=AaAOQGHOKE-GH0gYhMra6M3ioGsIVYB3oykqRjTVnDho8CenO41d46S4Mli9iT4zFRRqZLlIbjJWDFlAVYEed9Ck1wUzvxN6QjfL HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIGnMY19IZfbbyaXrMdW3tY&google_cver=1&google_push=AaAOQGHOKE-GH0gYhMra6M3ioGsIVYB3oykqRjTVnDho8CenO41d46S4Mli9iT4zFRRqZLlIbjJWDFlAVYEed9Ck1wUzvxN6QjfL&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R7dUWa-fRMqnnl7sVCyzPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHOKE-GH0gYhMra6M3ioGsIVYB3oykqRjTVnDho8CenO41d46S4Mli9iT4zFRRqZLlIbjJWDFlAVYEed9Ck1wUzvxN6QjfL
Request Chain 210
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJs0MlhhBJ2YPfvdMoaTJIA&google_cver=1&google_push=AaAOQGHrhDWTsl8u5nOJX8lk1f0Hkprp9-5VToW172XKHFTGiK3m68SEXYCrIPLE4PgcFdmGKCIzUFrqEDm1OolBwS3HC4Mi4oyNpw HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHrhDWTsl8u5nOJX8lk1f0Hkprp9-5VToW172XKHFTGiK3m68SEXYCrIPLE4PgcFdmGKCIzUFrqEDm1OolBwS3HC4Mi4oyNpw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1689115885247 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d31a465d-2612-4819-880a-62be39e763be-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHrhDWTsl8u5nOJX8lk1f0Hkprp9-5VToW172XKHFTGiK3m68SEXYCrIPLE4PgcFdmGKCIzUFrqEDm1OolBwS3HC4Mi4oyNpw%26google_hm%3DA9MaRl0mEkgZiApivjnnY74 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHrhDWTsl8u5nOJX8lk1f0Hkprp9-5VToW172XKHFTGiK3m68SEXYCrIPLE4PgcFdmGKCIzUFrqEDm1OolBwS3HC4Mi4oyNpw&google_hm=A9MaRl0mEkgZiApivjnnY74
Request Chain 211
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELGa0H5TUgVdVrNdosKRLaY&google_cver=1&google_push=AaAOQGHlCamsY-212SA-gt_mUtRb5Khj6oEPe8Iv-owfhxEUfKjElYcNQHDFFqcAqiS_NlGTJg9SdrVn0Qy3dWrFCEBebVWPECLMSg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGHlCamsY-212SA-gt_mUtRb5Khj6oEPe8Iv-owfhxEUfKjElYcNQHDFFqcAqiS_NlGTJg9SdrVn0Qy3dWrFCEBebVWPECLMSg&google_gid=CAESELGa0H5TUgVdVrNdosKRLaY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU1MDE3ODE0NTgzNzA4Njg0NzA4OQ%3D%3D&google_push=AaAOQGHlCamsY-212SA-gt_mUtRb5Khj6oEPe8Iv-owfhxEUfKjElYcNQHDFFqcAqiS_NlGTJg9SdrVn0Qy3dWrFCEBebVWPECLMSg
Request Chain 212
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOuH_AIIpPiuK4esR_YK-l4&google_cver=1&google_push=AaAOQGFKpQzAbm0NKauL_YMKD21u5psX69VpYG57pbJwYWJb49bN6edtjXBg_N2uCa03bLkrck4TVM9UqWLS8HL9s9xIA4hc1_8vtw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFKpQzAbm0NKauL_YMKD21u5psX69VpYG57pbJwYWJb49bN6edtjXBg_N2uCa03bLkrck4TVM9UqWLS8HL9s9xIA4hc1_8vtw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 220
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 223
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDMz-MNS3AGJjQI9nmnikVw&google_cver=1&google_push=AaAOQGHdAlPOa23DNoBq-m4E63abrrYj3AeSVP1w10VyLVMRc1PClQWqBs25p-8d8ze9kEAcOA_uL2dt9aU-Yre_aht6CqTQB0A HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGHdAlPOa23DNoBq-m4E63abrrYj3AeSVP1w10VyLVMRc1PClQWqBs25p-8d8ze9kEAcOA_uL2dt9aU-Yre_aht6CqTQB0A&google_hm=tBAKHyYpbJsqK7kcIGuisw
Request Chain 224
  • https://um.simpli.fi/gp_match?google_gid=CAESEAdmLEBnn6cWzUI45eJSxFA&google_cver=1&google_push=AaAOQGHIesXo-GD9z4YoEbL6EXXW4WzR2JKUgl2igZesTzMGsR1p3R0T5BpCGXx9CYO0zXeuJq4fwXWat6OVmiSEIbsht9PgBKU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA2ED22C10FA4FF8BBD9D899C80FC3DE&google_push=AaAOQGHIesXo-GD9z4YoEbL6EXXW4WzR2JKUgl2igZesTzMGsR1p3R0T5BpCGXx9CYO0zXeuJq4fwXWat6OVmiSEIbsht9PgBKU
Request Chain 225
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC7x-78GRWhGWJbMZrfK9xI&google_cver=1&google_push=AaAOQGH162mLOVNu8PoajR4FME0WsZNX7-TVFGwyG5BUbJraf5v7Yeng-cZu2hd3_cENOWGhG3yOcwYfkn3DKG6J0SXjvnQlqfc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R7dUWa-fRMqnnl7sVCyzPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGH162mLOVNu8PoajR4FME0WsZNX7-TVFGwyG5BUbJraf5v7Yeng-cZu2hd3_cENOWGhG3yOcwYfkn3DKG6J0SXjvnQlqfc
Request Chain 226
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMO7eI6_BdAYwVdH_S4b8fU&google_cver=1&google_push=AaAOQGHq7b0dtAAyttvEWTcA6BRvS2tgSpYC3CfKqIhqeIy-HSiGX_95y7Fbr3Gr_nlRmo4GlyzfiA-Ez5p8D9XcFCckyiFjIA0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpZVlpJSjktMVotMk9GNw==&google_push=AaAOQGHq7b0dtAAyttvEWTcA6BRvS2tgSpYC3CfKqIhqeIy-HSiGX_95y7Fbr3Gr_nlRmo4GlyzfiA-Ez5p8D9XcFCckyiFjIA0
Request Chain 227
  • https://match.360yield.com/match/ebda?google_gid=CAESEEZ9X6br7v5jCVMm1OprUN4&google_cver=1&google_push=AaAOQGHbIzQwsjvg84u5C_j3MgpHi3nSxLVEuVc1UeldwhXuAP68Olk5T8CEsBjUbqQwITEUQYWuw2AqKuviqe64AtnIhOuzTug HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dGMJ18AAQxumdCjJzDMIpQ&google_push=AaAOQGHbIzQwsjvg84u5C_j3MgpHi3nSxLVEuVc1UeldwhXuAP68Olk5T8CEsBjUbqQwITEUQYWuw2AqKuviqe64AtnIhOuzTug
Request Chain 228
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPUuu4aI_skni67xljB62LY&google_cver=1&google_push=AaAOQGF-AOy-86RMiAymEMrzdIFDyWLxrfFqJ3MjcgxuWIR8z7KpNJ2tLoS2StbExI7c79tfFiDMc7-wE1OjmdBvZCaPAi7CD765 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D&google_gid=CAESEPUuu4aI_skni67xljB62LY&google_cver=1&google_push=AaAOQGF-AOy-86RMiAymEMrzdIFDyWLxrfFqJ3MjcgxuWIR8z7KpNJ2tLoS2StbExI7c79tfFiDMc7-wE1OjmdBvZCaPAi7CD765
Request Chain 229
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENCljyD2J4Qnh6jyzN_dmVI&google_cver=1&google_push=AaAOQGGHvBF4C2n6E5iTqeyLpC4EQlEBGjsicWW07Mo8ImDX-mmMmLyzes3N_TsJYbLk4g7DlxqaiEfMXBhTQ6dsujGENiA3_4Sw HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENCljyD2J4Qnh6jyzN_dmVI&google_cver=1&google_push=AaAOQGGHvBF4C2n6E5iTqeyLpC4EQlEBGjsicWW07Mo8ImDX-mmMmLyzes3N_TsJYbLk4g7DlxqaiEfMXBhTQ6dsujGENiA3_4Sw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2c904e7c-1719-4cc0-a134-5aa114d71e23&%%GOOGLE_PUSH_PAIR%%
Request Chain 231
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO6zwXUX5mLLtSbjpXeRFtI&google_cver=1&google_push=AaAOQGHgbQvwvrR1lVtANIwjxqF7k4ncsmzH5ij_5rsmjnUnjCh-xXxaYEdYd9vpIy9rBS6YyOsj_fEi71UTr4AJleUQg4I4kfqr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHgbQvwvrR1lVtANIwjxqF7k4ncsmzH5ij_5rsmjnUnjCh-xXxaYEdYd9vpIy9rBS6YyOsj_fEi71UTr4AJleUQg4I4kfqr
Request Chain 232
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMnjClYZAOOYbGi_FzIvrq0&google_cver=1&google_push=AaAOQGEVKVwDQuu--u7OfbGXHQ8u83fwZr0LELAY5cJuSAW5QYiJLDpWAfnO6CpU1R6i-lLEjqelO6hmUbM9v80wDSSRAJN9YAk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEVKVwDQuu--u7OfbGXHQ8u83fwZr0LELAY5cJuSAW5QYiJLDpWAfnO6CpU1R6i-lLEjqelO6hmUbM9v80wDSSRAJN9YAk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMnjClYZAOOYbGi_FzIvrq0&google_cver=1&google_push=AaAOQGEVKVwDQuu--u7OfbGXHQ8u83fwZr0LELAY5cJuSAW5QYiJLDpWAfnO6CpU1R6i-lLEjqelO6hmUbM9v80wDSSRAJN9YAk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEVKVwDQuu--u7OfbGXHQ8u83fwZr0LELAY5cJuSAW5QYiJLDpWAfnO6CpU1R6i-lLEjqelO6hmUbM9v80wDSSRAJN9YAk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 233
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMGXCrHGiTsssr72tCqNB24&google_cver=1&google_push=AaAOQGEjw7-QdjrPDlIcIUmMkM788vfeGf0gOPkqSUy8iYl_--oOw0IzrmJK902rJL_vhfPCg3Hal28BJfEWD9CEZg4rX8JVZG9G HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEjw7-QdjrPDlIcIUmMkM788vfeGf0gOPkqSUy8iYl_--oOw0IzrmJK902rJL_vhfPCg3Hal28BJfEWD9CEZg4rX8JVZG9G&google_hm=eS1paTBWWXY5RTJwRzhxUGZyeGZaVXJNcVlUODVWODF1T35B
Request Chain 234
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELJEf1NPBthlHXrU5y-wWXc&google_cver=1&google_push=AaAOQGEWn0JBvaNH_G7AkhBlSRVWsHT4k395L_6e2aHF0k7k_7UtIlphYM_bN7Xrq9ca6IXR3Sn98AM-1MHz4mh7C9l1dinJnEWH HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELJEf1NPBthlHXrU5y-wWXc&google_cver=1&google_push=AaAOQGEWn0JBvaNH_G7AkhBlSRVWsHT4k395L_6e2aHF0k7k_7UtIlphYM_bN7Xrq9ca6IXR3Sn98AM-1MHz4mh7C9l1dinJnEWH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEWn0JBvaNH_G7AkhBlSRVWsHT4k395L_6e2aHF0k7k_7UtIlphYM_bN7Xrq9ca6IXR3Sn98AM-1MHz4mh7C9l1dinJnEWH
Request Chain 237
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEC2lCEslld4rWCdZ1QSWUX0&google_cver=1&google_push=AaAOQGGrcBAOPL77-YvOLkLWq-f4yXdzfKpsdtONlwdtqRrMlasGjiPKf38zrMMSKWh-BgUsb63U0RaBRXwtngGq6gTr9QeHdlm60Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGrcBAOPL77-YvOLkLWq-f4yXdzfKpsdtONlwdtqRrMlasGjiPKf38zrMMSKWh-BgUsb63U0RaBRXwtngGq6gTr9QeHdlm60Q HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 243
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 247
  • https://um.simpli.fi/gp_match?google_gid=CAESEKp4HQ6eLMzon9v8xsrwxEU&google_cver=1&google_push=AaAOQGFx-xjpF-TWZ0Rd031Z7rReAgquqKbfYhrO2FAyLGhYiOJcHgdLHdTBGlclEEs8vtrehgdUU-6Y9XMzvzZdcuaBeacRS7Mu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA2ED22C10FA4FF8BBD9D899C80FC3DE&google_push=AaAOQGFx-xjpF-TWZ0Rd031Z7rReAgquqKbfYhrO2FAyLGhYiOJcHgdLHdTBGlclEEs8vtrehgdUU-6Y9XMzvzZdcuaBeacRS7Mu
Request Chain 248
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELU0-tf6_lKD0XoJXv6K35U&google_cver=1&google_push=AaAOQGEz-VCnf2KgORbf2ds1Q8lgEtWD23OHb6LvAklJFQe8G7smiZjN5pge1wdXkv1rCqkQcR_-eoKTLb9vqMi8BY2o5UBuBnJQag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEz-VCnf2KgORbf2ds1Q8lgEtWD23OHb6LvAklJFQe8G7smiZjN5pge1wdXkv1rCqkQcR_-eoKTLb9vqMi8BY2o5UBuBnJQag&google_hm=eS1paTBWWXY5RTJwRzhxUGZyeGZaVXJNcVlUODVWODF1T35B
Request Chain 251
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF9evX3cJU0tuowrRXwdpbY&google_cver=1&google_push=AaAOQGFhP43jTJ938QJXNzOZTXdsXAEdwjTjPq-WTeUKHYn5EZKZ8p9rXqkhzuCZl_AJCkrasjMdyWmVbq1q4BYh4sBIXnQ6HER6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFhP43jTJ938QJXNzOZTXdsXAEdwjTjPq-WTeUKHYn5EZKZ8p9rXqkhzuCZl_AJCkrasjMdyWmVbq1q4BYh4sBIXnQ6HER6
Request Chain 253
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENnErwH9AyF4e5aX3GoZn_A&google_cver=1&google_push=AaAOQGFtsKTDJM6OBT3IrZeHcPX_zzlmcaf5x8rfMRAqBMevkjmojcJXLCoRiYeDo2Yiel1oA_IDo7Pgb8mhrwzh5s6tpdvIyAVnGA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2c904e7c-1719-4cc0-a134-5aa114d71e23&%%GOOGLE_PUSH_PAIR%%
Request Chain 276
  • https://fw.adsafeprotected.com/rfw/st/1534583/72389193/skeleton.js?adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:2dffbaa2-f741-71db-eb2d-2a6ebf9195ae,c:i6nEob,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6cdfcd9489-x4rdp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:227,mot:0,app:0,maw:0,fm:tJKe7jy+111%7C112%7C113%7C114%7C115%7C116%7C117%7C118%7C119%7C11a1%7C11b11%7C11c1%7C11d1%7C11d2%7C11e1%7C11e2%7C11e3%7C11e41%7C11f1%7C11f2%7C11g*.1534583-72389193%7C11g1%7C11g2%7C11g3%7C11g4%7C11h%7C11i1%7C11j,idMap:11g*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:252,oid:76d94b6f-203d-11ee-a3b0-9617c417f7a5,v:19.8.427,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 289
  • https://istr.izlesene.com/data/videos/10710/10710800-480_2-170k.mp4?token=ghJqF0FTY48xkzVo1nmRhA&ts=1689205885&playername=npm_nefisyemektarifleri HTTP 302
  • https://istr-n23.nktcdn.com/data/videos/10710/10710800-480_2-170k.mp4?playername=npm_nefisyemektarifleri&token=BSSx8LbI3Jtom91JaiPM2g&ts=1689202286

317 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 6x67420x0229.html
pcloak.blob.core.windows.net/web/
1 KB
2 KB
Document
General
Full URL
https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
add347e23d6d68d50f456f663e081078bf03026f868ca4aa31e6b0f8f5354e01

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1321
Content-MD5
4ybI82/2lfG6TucYWk+Hdw==
Content-Type
text/html
Date
Tue, 11 Jul 2023 22:51:21 GMT
ETag
0x8DB5ED054FF7A83
Last-Modified
Sat, 27 May 2023 16:35:07 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
d804f7f9-401e-003f-664a-b48aae000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/
0
0
Script
General
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-request-id
d804f8ab-401e-003f-044a-b48aae000000
Date
Tue, 11 Jul 2023 22:51:21 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/
308 B
717 B
Script
General
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 11 Jul 2023 22:51:21 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
d804f984-401e-003f-554a-b48aae000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/
166 B
568 B
Stylesheet
General
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 11 Jul 2023 22:51:21 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
d804f91c-401e-003f-6f4a-b48aae000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/
55 B
321 B
XHR
General
Full URL
https://www.cloakan.co/px.php?id=6x67420x0229
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:19 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
45
nv.php
www.cloakan.co/
275 B
421 B
Script
General
Full URL
https://www.cloakan.co/nv.php?id=6x67420x0229-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
64bba7358df0b70cff3572ee3e5a2eee51ae741c86167cd529bc7af0e15682a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:20 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
147
/
www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/ Frame 82A3
289 KB
44 KB
Document
General
Full URL
https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x67420x0229-m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29ef90ab1c7c70fc47d2d1806b5526c84d81a4053c41789fd0bd7842018038c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1582
cf-cache-status
DYNAMIC
cf-ray
7e549c5ddf62997a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 11 Jul 2023 22:51:23 GMT
last-modified
Tue, 11 Jul 2023 22:25:00 GMT
server
cloudflare
x-amp
no
x-cache
HIT
x-device
nmobile
x-xss-protection
1; mode=block
icon-set.ttf
mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/fonts/ Frame 82A3
22 KB
22 KB
Font
General
Full URL
https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/fonts/icon-set.ttf?v=20210129
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
886a2ff3ff2a76e50d8387582d03539c71d06dbd4314cd8cc955ea08b5cf752f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nefisyemektarifleri.com/
Origin
https://www.nefisyemektarifleri.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3872
alt-svc
h3=":443"; ma=86400
content-length
22084
x-xss-protection
1; mode=block
last-modified
Thu, 24 Mar 2022 06:41:39 GMT
server
cloudflare
etag
"623c12a3-5644"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wr3n68SNMj2gV0%2B203nJySQFO0SLn7pgFWYBShlO%2FISkhA4OLWAdHmWIj1ryq4kQRSyjzne25%2BcZDAAjwidB98RM32LN%2B%2BqzOIcKjLH5CR4r5wfxRcvjqDI3Ulg%2BIORnHK6V8CeOmUOS3Ecy"}],"group":"cf-nel","max_age":604800}
x-varnish
1010264765 981221928
content-type
application/octet-stream
access-control-allow-origin
*
x-abc
s3
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e549c5eeefc3832-FRA
x-nyt-cache
hit cached
single-recipe.css
mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/ Frame 82A3
161 KB
28 KB
Stylesheet
General
Full URL
https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/single-recipe.css?1680961699
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd0e821ef47075614e9500f81f2077fef9be630b5a63bd40a10b7922026aed7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4529
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 24 Mar 2023 10:00:42 GMT
server
cloudflare
etag
W/"641d74ca-28302"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9GxFoFpybOyFZXGArA4xEzNRC8jVdwkaWQjAEYIJzDCxXlHpndzKyfBHroYnVyJa5TAiZHc%2Bo3SBf9tXv4rPzZafvNUmeSWSSH4F8Gv9WMzyggvdQiTxk%2Fdc9Hxlvl1tZnzg2UFmGyWGCVH"}],"group":"cf-nel","max_age":604800}
x-varnish
908258478 908153339
content-type
text/css
access-control-allow-origin
*
x-abc
s3
cache-control
max-age=14400
cf-ray
7e549c5ee8663a6c-FRA
x-nyt-cache
hit cached
single-vendor.css
mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/ Frame 82A3
189 KB
30 KB
Stylesheet
General
Full URL
https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/single-vendor.css?1687242409
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38312b284a104dfa32e4ecfe73f542a66e04fb259e9bcd5e581e45bdeb677487
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5962
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 20 Jun 2023 06:26:15 GMT
server
cloudflare
etag
W/"64914687-2f326"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dp%2B%2FFv7RhbCGLmOVnPH3xo%2BU3AJDQWPL41qZF%2FeNopbEBqUZ5qz9%2Fq1zCsagImRRaV4hgWmTkxRVHlDoV3QcomUlSIexthcBzTXmboXiOEzn2lO1LnaNS47IJ%2BDM%2BhmEnbUJGUyF4p1hGeLQ"}],"group":"cf-nel","max_age":604800}
x-varnish
204457102 204392002
content-type
text/css
access-control-allow-origin
*
x-abc
local
cache-control
max-age=14400
cf-ray
7e549c5ee8673a6c-FRA
x-nyt-cache
hit cached
1x1.gif
mn.nytcdn.com/wp-content/ Frame 82A3
42 B
391 B
Image
General
Full URL
https://mn.nytcdn.com/wp-content/1x1.gif
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5962
alt-svc
h3=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block
last-modified
Thu, 24 Mar 2022 06:41:37 GMT
server
cloudflare
etag
"623c12a1-2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6X1CyG42hJyfC1JErZph7oWG%2B1XrIBRq9uD%2BEsdDPP0T1qRvfCyL2dcgidnVgpKRsKw5p1qWDHolao0X3Kr2OYpoAjqwgr9YtItYEGkVDwSjdpDVnzG2jw4mHHCdOL2NJfhjxe5WQGDklkm"}],"group":"cf-nel","max_age":604800}
x-varnish
1002958177 987328424
content-type
image/gif
access-control-allow-origin
*
x-abc
s3
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e549c5f28943a6c-FRA
x-nyt-cache
hit cached
profilo-tab-logo.png
i.nefisyemektarifleri.com/2022/01/06/ Frame 82A3
4 KB
4 KB
Image
General
Full URL
https://i.nefisyemektarifleri.com/2022/01/06/profilo-tab-logo.png
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
4621960c2ce01b405da6b6652f322bd8904f3e0d867daf7db9dd5d5ad6cc6491
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 10 Jul 2024 22:51:23 GMT
date
Tue, 11 Jul 2023 22:51:23 GMT
age
12344
x-edge-location
DE-372
x-cache-status
Edge : HIT,
content-length
4162
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jan 2022 13:11:21 GMT
server
MNCDN-2139
x-mnrequest-id
30a4a1490074f4de71be2fdef863a619
x-varnish
743064697 742473178
content-type
image/png
access-control-allow-origin
*
x-abc
local
cache-control
max-age=31536000
accept-ranges
bytes
x-mserver
2137
x-nyt-cache
hit cached
etsiz-nohut-yemegi-5.jpg
i.nefisyemektarifleri.com/2022/08/31/ Frame 82A3
101 KB
102 KB
Image
General
Full URL
https://i.nefisyemektarifleri.com/2022/08/31/etsiz-nohut-yemegi-5.jpg
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-2139 /
Resource Hash
cde2d86c6323204b3e715d09b58ab41ecf370b5a10cb1d61fa76b77e0a0a75c0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 10 Jul 2024 22:51:23 GMT
date
Tue, 11 Jul 2023 22:51:23 GMT
age
513
x-edge-location
DE-372
x-cache-status
Edge : HIT,
x-cache
X-MISS
content-length
103705
x-bn
default
x-xss-protection
1; mode=block
last-modified
Wed, 31 Aug 2022 10:31:01 GMT
server
MNCDN-2139
x-mnrequest-id
b61ab3ed1103243c78cef96db3e0f10d
x-varnish
250859771, 884143075 884140396
content-type
image/jpeg
access-control-allow-origin
*
x-abc
remote
cache-control
max-age=31536000
accept-ranges
bytes
x-mserver
2216
x-nyt-cache
hit cached
xa1555678923-751d43b96920b44a27ba4b25ad85fe3b-bpthumb.jpg
i2.nefisyemektarifleri.com/avatar/2019/04/19/3514/ Frame 82A3
4 KB
4 KB
Image
General
Full URL
https://i2.nefisyemektarifleri.com/avatar/2019/04/19/3514/xa1555678923-751d43b96920b44a27ba4b25ad85fe3b-bpthumb.jpg
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0757fc98355b7ff4d0bdc506c1ef2aa69aac074686194c2e7690ffdc913035a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
cf-cache-status
HIT
cf-polished
origSize=4099, status=webp_bigger
content-length
3656
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Fri, 19 Apr 2019 13:02:03 GMT
server
cloudflare
etag
"5cb9c6cb-1003"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-abc
s3
cache-control
max-age=31536000
x-varnish
1042281636 1018566721
accept-ranges
bytes
cf-ray
7e549c5f68c3997a-FRA
x-nyt-cache
hit cached
ads.js
mn.nytcdn.com/wp-content/assets/js/ Frame 82A3
24 B
384 B
Script
General
Full URL
https://mn.nytcdn.com/wp-content/assets/js/ads.js
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b6ad08a66b7925e557e069b9c9fcab676f04fbc22535b7b12c0d8eca8d48803
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3648
alt-svc
h3=":443"; ma=86400
content-length
24
x-xss-protection
1; mode=block
last-modified
Thu, 24 Mar 2022 06:41:38 GMT
server
cloudflare
etag
"623c12a2-18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwZdPUuACOyhjqIfXeKKMtuN54%2FwqWYfCmRVYQY3B463zTUnUcuGVnUO5Rba2FF4S%2FRTbTXNyLbKLvk2RTowGCl%2FNkcbHzxMozOoAY5f0pRLFQxTgHUGfcNK3NDlWlzs4rbsYgFi8aAzzvUK"}],"group":"cf-nel","max_age":604800}
x-varnish
553057397 526533194
content-type
application/javascript
access-control-allow-origin
*
x-abc
s3
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e549c5f58c13a6c-FRA
x-nyt-cache
hit cached
outside.js
static.virgul.com/theme/mockups/adcode/ Frame 82A3
75 KB
26 KB
Script
General
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
gzip
last-modified
Fri, 23 Jun 2023 06:55:07 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
gtm.js
www.googletagmanager.com/ Frame 82A3
223 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFXWLS3
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7992f89295dc516db9548282b34c7b6e8cfa345ce86f1ed4a6420389bd77bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74905
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jul 2023 22:51:23 GMT
olan-biten-dark.svg
c.nefisyemektarifleri.com/wp-content/themes/nytheme/dist/assets/img/svg/ Frame 82A3
949 B
611 B
Image
General
Full URL
https://c.nefisyemektarifleri.com/wp-content/themes/nytheme/dist/assets/img/svg/olan-biten-dark.svg
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f86c74a7863cd1fa2343f0371ccbac47085bdb301f0df1785c5a4337bd044d24
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
br
cf-cache-status
HIT
age
62
x-xss-protection
1; mode=block
last-modified
Thu, 24 Mar 2022 06:41:39 GMT
server
cloudflare
etag
W/"623c12a3-3b5"
vary
Accept-Encoding
x-varnish
19305946 19860535
content-type
image/svg+xml
access-control-allow-origin
*
x-abc
local
cache-control
max-age=31536000
cf-ray
7e549c5f78ce997a-FRA
x-nyt-cache
hit cached
group(1).svg
c.nefisyemektarifleri.com/wp-content/themes/nytheme/dist/assets/img/svg/ Frame 82A3
4 KB
1 KB
Image
General
Full URL
https://c.nefisyemektarifleri.com/wp-content/themes/nytheme/dist/assets/img/svg/group(1).svg
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e66f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b9f9cb8f1feda701490e7fa560a0a2e0309ef259f9d74b301c9712e56efa56
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
br
cf-cache-status
HIT
age
1522
x-xss-protection
1; mode=block
last-modified
Thu, 24 Mar 2022 06:41:39 GMT
server
cloudflare
etag
W/"623c12a3-102c"
vary
Accept-Encoding
x-varnish
19303858
content-type
image/svg+xml
access-control-allow-origin
*
x-abc
local
cache-control
max-age=31536000
cf-ray
7e549c5f78cc997a-FRA
x-nyt-cache
miss cached
script-notlogin.js
mn.nytcdn.com/wp-content/themes/nytheme/ Frame 82A3
290 KB
89 KB
Script
General
Full URL
https://mn.nytcdn.com/wp-content/themes/nytheme/script-notlogin.js?v=1687242409
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4d8b7f56b06140ad3542041b66f635d9cbd4e0da6cc7d17a0e16d014aa2498
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5094
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 20 Jun 2023 06:26:15 GMT
server
cloudflare
etag
W/"64914687-48777"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4n26Xy0x0L0V0pUbtPZaIQCyqRG%2FaG%2B6qwIK9WMxX0CIW1q4qosEcXPq8QaXU%2BPn%2BcBuOb%2BPLIC6tGWtKFsaG2L50ZXypfOeU5yJy2hvUg%2BpPDRQ6eODcHs0s4g6ZR3PrJD7xbxUpdiD7IP"}],"group":"cf-nel","max_age":604800}
x-varnish
204392005 204612307
content-type
application/javascript
access-control-allow-origin
*
x-abc
s3
cache-control
max-age=14400
cf-ray
7e549c5fea7390d6-FRA
x-nyt-cache
hit cached
red-iconned-v2.png
mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/img/png/ Frame 82A3
6 KB
6 KB
Image
General
Full URL
https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/img/png/red-iconned-v2.png
Requested by
Host: mn.nytcdn.com
URL: https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/single-vendor.css?1687242409
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ff6717bd218c66ffde415472bdaf58a1384725840a862a466317727eaaab1b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mn.nytcdn.com/wp-content/themes/nytheme/dist/assets/css/single-vendor.css?1687242409
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6304
alt-svc
h3=":443"; ma=86400
content-length
5986
x-xss-protection
1; mode=block
last-modified
Thu, 24 Mar 2022 06:41:39 GMT
server
cloudflare
etag
"623c12a3-1762"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3iLYUfVPz3CSFjBZdXS%2FxDUjnYwiLLrDVKAYrTUZ1uQ9jEek3z9hCU1T0kNxPCFvqvrnCPOE1Qe%2FEsCNiuhLriZNreIc%2F9g3bqLZcTaLyd3P3FvUBRYn9QBNOfT%2FtDEj%2Fnpf%2F0B%2FhGw%2B5XA"}],"group":"cf-nel","max_age":604800}
x-varnish
806638575 785362051
content-type
image/png
access-control-allow-origin
*
x-abc
s3
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e549c600a8290d6-FRA
x-nyt-cache
hit cached
analytics.js
www.google-analytics.com/ Frame 82A3
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFXWLS3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 21:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6406
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 11 Jul 2023 23:04:37 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 82A3
171 KB
47 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jul 2023 22:51:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46863
x-xss-protection
0
pragma
public
x-fb-debug
eHNpebX8QEFIpipM8tuxyKvUA+FaFdiOCnWcYmCtzBz5jazfOZ0ujo+T0kK8uJwDl88q5NjLPyopZ832qa3n/A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 82A3
248 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WGBDLK44E4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFXWLS3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d79af9825f1664a8d0a014d047a1b0c98e89648edd655de1f66143c9bbba534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86207
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jul 2023 22:51:23 GMT
publisher:getClientId
ampcid.google.com/v1/ Frame 82A3
74 B
448 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nefisyemektarifleri.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
1877570159153553
connect.facebook.net/signals/config/ Frame 82A3
384 KB
110 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1877570159153553?v=2.9.111&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a883e74d2f7c31294beaf47eb691d0fa07414cc3ef857e53b768960c94f23a31
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jul 2023 22:51:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
111683
x-xss-protection
0
pragma
public
x-fb-debug
xuKZbPLLI95SAwaSHXctWHJG13rwBBBVQTbg+G9o9KDBzGKEIwvnHW49UetZNreNyYgtlYjGyJhSYl5SsRUytw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 82A3
76 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08530601e844dcb94572748ea68fbf5b050c163d578ed8a20c2891e6c64fc064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26055
x-xss-protection
0
server
cafe
etag
56 / 19549 / m202307060101 / config-hash: 4118934116534822147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:23 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 82A3
120 B
306 B
Script
General
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
last-modified
Wed, 21 Dec 2022 18:47:42 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
120
str.html
static.virgul.com/theme/mockups/outside/ Frame 7549
891 B
1 KB
Document
General
Full URL
https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=5184000
content-length
891
content-type
text/html
date
Tue, 11 Jul 2023 22:51:23 GMT
last-modified
Wed, 28 Sep 2022 10:07:57 GMT
server
openresty/1.15.8.3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 82A3
144 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
201cf00ac07e77740f495f99ec55a485cab9215bf093f0139e731bc5d7595082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Origin
https://www.nefisyemektarifleri.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49184
x-xss-protection
0
server
cafe
etag
5194792213129652272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:23 GMT
prebid7.38.0.js
static.virgul.com/theme/mockups/outside/ Frame 82A3
489 KB
182 KB
Script
General
Full URL
https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 14:56:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ Frame 82A3
236 KB
58 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:37:58 GMT
content-encoding
gzip
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
last-modified
Thu, 29 Jun 2023 21:03:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
806
x-amz-server-side-encryption
AES256
etag
W/"9352f20e556bff9fea6fd0461aac850d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
qfpS8xwSXQ_nYFZpV5pftJKYjfGXCBWwhSQfhyBWoUhGSvjF_-npSA==
pageview
ng.virgul.com/ Frame 82A3
44 KB
7 KB
Script
General
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1689115883758&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=nefisyemektarifleri:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.8395512808408867
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
31fcf70b02f21d93a4b8d8fd817c7e0eff63c12c3665098f44a342f5bffe9a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://www.nefisyemektarifleri.com
content-type
application/javascript
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
nefisyemektarifleri.js
static.virgul.com/theme/mockups/fallback/ Frame 82A3
15 KB
3 KB
Script
General
Full URL
https://static.virgul.com/theme/mockups/fallback/nefisyemektarifleri.js?dts=19549
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3b9166033e13e81c852194510ca321d03a0f3e0f8196cc84858c874a32a0adf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Jun 2023 21:45:07 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
hb
ng.virgul.com/ Frame 82A3
60 KB
6 KB
Script
General
Full URL
https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=nefisyemektarifleri&dts=469198
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
bac1442ad76b8ed33d4a4a61e05f8ea6284a31f65ca1fa9cb2a7ba8cb0c93c5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://www.nefisyemektarifleri.com
content-type
application/javascript
cache-control
max-age=3600
access-control-allow-credentials
true
publisher:getClientId
ampcid.google.de/v1/ Frame 82A3
3 B
377 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Jul 2023 22:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nefisyemektarifleri.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
/
www.facebook.com/tr/ Frame 82A3
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1877570159153553&ev=PageView&dl=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&rl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&if=true&ts=1689115883811&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&cs_est=true&it=1689115883748&coo=false&rqm=GET
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 22:51:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame 82A3
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1877570159153553&ev=ViewContent&dl=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&rl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&if=true&ts=1689115883813&cd[content_name]=Etsiz%20Nohut%20Yeme%C4%9Fi&cd[content_ids]=248941&cd[content_type]=recipe&cd[recipe_mainCategory]=Bakliyat%20Yemekleri&cd[recipe_subCategory]=Bakliyat%20Yemekleri&cd[recipe_claps]=27&cd[recipe_comments]=40&cd[recipe_cookDuration]=25dk&cd[recipe_cooked]=22&cd[recipe_cookType]=Ha%C5%9Flama&cd[recipe_hasVideo]=Hay%C4%B1r&cd[recipe_prepDuration]=20dk&cd[recipe_rating]=4.6&cd[recipe_saved]=10888&cd[recipe_serves]=2-4%20&cd[contributor_id]=3514&cd[contributor_followers]=50065&cd[contributor_city]=undefined&cd[contributor_recipes]=undefined&cd[user_id]=undefined&cd[user_gender]=undefined&cd[user_recipes]=undefined&cd[user_followers]=undefined&cd[user_followings]=undefined&cd[user_city]=undefined&cd[user_role]=undefined&cd[ingredients]=domates%20sal%C3%A7as%C4%B1%2Ckarabiber%2Ckuru%20so%C4%9Fan%2Cnohut%2Cpul%20biber%2Cs%C4%B1v%C4%B1%20ya%C4%9F%2Csivri%20biber%2Csu%2Ctuz&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&it=1689115883748&coo=false&rqm=GET
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 22:51:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
config
c.amazon-adsystem.com/cdn/prod/ Frame 82A3
0
319 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.nefisyemektarifleri.com&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 20:38:27 GMT
via
1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
7975
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.nefisyemektarifleri.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
WehKxFAwAIOqzEV7EuECaXRbbxTFgwxVn9ci6CnMSMIK3gGJJDUNlQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 82A3
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
date
Tue, 11 Jul 2023 07:14:28 GMT
x-amz-cf-pop
MUC50-P2
age
56228
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
kXH11cEPWRNVFqke9zJR0O5GP0RyAY1XDzzFDV33vAG9buVNiQWApA==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ Frame 82A3
344 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=www.nefisyemektarifleri.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
831c363d3e741b5551ee5bea6d427cdefb6303d735ff547ebcc7a1a5ffccff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121065
x-xss-protection
0
server
cafe
etag
15955793558472811128
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230710/r20190131/ Frame CA7A
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230710/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 10 Jul 2023 23:31:19 GMT
etag
12368291122986407432
expires
Mon, 24 Jul 2023 23:31:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
empowerwebplayer3.js
static.virgul.com/theme/mockups/outside/ Frame 82A3
10 KB
3 KB
Script
General
Full URL
https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
last-modified
Tue, 13 Jun 2023 13:36:40 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/ Frame 82A3
392 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d076633408bf78e086b9125a46176d2fdeaf3a5d5b52bb9b3a9d562cea646006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 15:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
25185
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127592
x-xss-protection
0
server
cafe
etag
1084883806831873288
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 10 Jul 2024 15:51:38 GMT
5e73154be4b0016313fa90d5
ng2.virgul.com/ic/ Frame 3798
756 B
998 B
Document
General
Full URL
https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
1150d8dd179e6cfc48aba67d1c483f57bc897e4bfb20aa1603366b666c9e0adf

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.nefisyemektarifleri.com
content-length
756
content-type
text/html
date
Tue, 11 Jul 2023 22:51:24 GMT
expires
Tue, 04 Jan 2022 10:49:40 GMT
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
server
openresty/1.15.8.3
adview
ng2.virgul.com/ Frame 44A0
868 B
1 KB
Script
General
Full URL
https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1689115883874&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&vmn=5e73154be4b0016313fa90d5___154248-194842644
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2ef84904ec7747868537822254d1191370aabad9d95ac86536390eb827fc0908

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
server
openresty/1.15.8.3
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://www.nefisyemektarifleri.com
content-type
application/javascript
access-control-allow-credentials
true
content-length
868
expires
Tue, 04 Jan 2022 10:49:40 GMT
5e73154be4b0016313fa90d5
ng2.virgul.com/ic/ Frame 23C7
756 B
998 B
Document
General
Full URL
https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
1150d8dd179e6cfc48aba67d1c483f57bc897e4bfb20aa1603366b666c9e0adf

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.nefisyemektarifleri.com
content-length
756
content-type
text/html
date
Tue, 11 Jul 2023 22:51:24 GMT
expires
Tue, 04 Jan 2022 10:49:40 GMT
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
server
openresty/1.15.8.3
adview
ng2.virgul.com/ Frame BCAD
869 B
1 KB
Script
General
Full URL
https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1689115883874&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&vmn=5e73154be4b0016313fa90d5___154248-1948426442
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
19876dc14b687dbd36c0a9fe05bc73a9ddfc34da771137be8d2ed93ab2585644

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
server
openresty/1.15.8.3
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://www.nefisyemektarifleri.com
content-type
application/javascript
access-control-allow-credentials
true
content-length
869
expires
Tue, 04 Jan 2022 10:49:40 GMT
nefisyemektarifleri.js
static.virgul.com/theme/mockups/sites/ Frame 82A3
37 KB
12 KB
Script
General
Full URL
https://static.virgul.com/theme/mockups/sites/nefisyemektarifleri.js?dts=469198
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
7ef7148f577d4b8db5481c0c82ec42fc53e2b2d3c7f83b2662977759f58477ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:08:15 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ Frame 82A3
17 KB
5 KB
Script
General
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:21:43 GMT
content-encoding
gzip
age
1781
x-guploader-uploadid
ADPycdsy7jaPs5TbC64pyBiY2WcKJHa8XsCp0_GKI1TUNNXtA1gHaMd_ZGktMS4lkNnmgUWoau13LhI474rhM20lPg4UvA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ Frame 82A3
0
222 B
Image
General
Full URL
https://ng.virgul.com/zoneview?c=&mt=1689115884022&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=153183@153193@153204@153190@153201@153187@154248@154248@153202@153184@153185@153186:nefisyemektarifleri&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.29247544298120487
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.nefisyemektarifleri.com
date
Tue, 11 Jul 2023 22:51:24 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
bid
aax.amazon-adsystem.com/e/dtb/ Frame 82A3
23 B
471 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=rxGdoc7xTUsX8&cb=0&ws=1600x1200&v=23.612.1758&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15319321728129623web_nyt_malzemeler_yani_300x250%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_nyt_malzemeler_yani_300x250%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15318521728129623web_nyt_right_tower%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_nyt_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15318421728129623web_nyt_left_tower%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_nyt_left_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15318721728129623web_nyt_sidebar_300x600%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_nyt_sidebar_300x600%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.159.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-159-32.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P3
x-amz-rid
NJ03R8E974ZHVNG03X64
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nefisyemektarifleri.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
6rI0oDBSnMWfvPmIPdaGYpkt8hnrHYY2Nb-2BSfzyBOSzd2xPoXmng==
integrator.js
adservice.google.com/adsid/ Frame 82A3
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nefisyemektarifleri.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 82A3
78 KB
20 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=413980555089297&correlator=4133225683535135&eid=21065724&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_tarif_yapilis_sonrasi&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C615x60%7C468x60%7C600x200%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&adks=3912523020&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1689115883758%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnetb9cf87df44c84da282a0503c8f3b7d9a&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1689115884097&lmt=1689114300&dlt=1689115883272&idt=790&adxs=486&adys=3356&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=5ltzsh5fqnce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x0&msz=656x0&fws=388&ohw=300&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cdcad98da3ff05ec728754dabdeaeaf5031bb1530f8cc418c820581e97b26f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
280300
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20160
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
429223
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nefisyemektarifleri.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1507
6 KB
3 KB
Document
General
Full URL
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
expires
Wed, 10 Jul 2024 22:51:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5e73154be4b0016313fa90d5
ng.virgul.com/tck/imp/ Frame 3798
0
212 B
Script
General
Full URL
https://ng.virgul.com/tck/imp/5e73154be4b0016313fa90d5?userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&sdr=&et=&r=154248@site_geneli@nefisyemektarifleri:site_geneli&mt=1689115883758&l=&info=&t=cpc_annotation&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&os=
Requested by
Host: ng2.virgul.com
URL: https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ng2.virgul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ng2.virgul.com
date
Tue, 11 Jul 2023 22:51:24 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5e73154be4b0016313fa90d5
ng.virgul.com/tck/imp/ Frame 23C7
0
212 B
Script
General
Full URL
https://ng.virgul.com/tck/imp/5e73154be4b0016313fa90d5?userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&sdr=&et=&r=154248@site_geneli@nefisyemektarifleri:site_geneli&mt=1689115883758&l=&info=&t=cpc_annotation&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&os=
Requested by
Host: ng2.virgul.com
URL: https://ng2.virgul.com/ic/5e73154be4b0016313fa90d5?g=1&t=cpc_annotation&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&info=&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ng2.virgul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ng2.virgul.com
date
Tue, 11 Jul 2023 22:51:24 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame 82A3
7 KB
3 KB
Script
General
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19549
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 18 Jul 2023 22:51:24 GMT
t.js
bitbeat7.com/ Frame 44A0
65 KB
18 KB
Script
General
Full URL
https://bitbeat7.com/t.js?i=spt4ntkb5q5ru2l99px&cb=3788821689115884139
Requested by
Host: ng2.virgul.com
URL: https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1689115883874&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&vmn=5e73154be4b0016313fa90d5___154248-194842644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-66.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82ee1e40c5621a84f4cd861d9d7212c7bb94ffde5bdf1bc8cb1f4e32dff9c4e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
zOoo2_h9TaVhAd990YG88tzvCQTcR.0W
content-encoding
gzip
via
1.1 5d6d1ee413c782ab05cc32e601576462.cloudfront.net (CloudFront)
date
Tue, 11 Jul 2023 01:54:28 GMT
last-modified
Tue, 27 Jun 2023 15:35:35 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
75417
x-amz-server-side-encryption
AES256
etag
W/"cd7dd170485b6d0fa6991dfd6c25d426"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
jD-oP-oREm80oIYGDalBPIcfwLDKs6xTqbdtFGnbgUFKe4GsEUtzSA==
t.js
bitbeat7.com/ Frame BCAD
65 KB
18 KB
Script
General
Full URL
https://bitbeat7.com/t.js?i=spt4ntkb5q5ru2l99px&cb=4355071689115884140
Requested by
Host: ng2.virgul.com
URL: https://ng2.virgul.com/adview?a=5e73154be4b0016313fa90d5&r=154248@site_geneli@nefisyemektarifleri:site_geneli&l=&ext=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&cs=1689115883874&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&vmn=5e73154be4b0016313fa90d5___154248-1948426442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-66.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82ee1e40c5621a84f4cd861d9d7212c7bb94ffde5bdf1bc8cb1f4e32dff9c4e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
zOoo2_h9TaVhAd990YG88tzvCQTcR.0W
content-encoding
gzip
via
1.1 5d6d1ee413c782ab05cc32e601576462.cloudfront.net (CloudFront)
date
Tue, 11 Jul 2023 01:54:28 GMT
last-modified
Tue, 27 Jun 2023 15:35:35 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
75417
x-amz-server-side-encryption
AES256
etag
W/"cd7dd170485b6d0fa6991dfd6c25d426"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Ia0bgTB4WF5UMnUrqNBsydfs6A6j3i4AVdVx_4BjL1ryFoSaZjJ4Lg==
tag
feed.pghub.io/ Frame 8B39
13 B
257 B
Document
General
Full URL
https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Tue, 11 Jul 2023 22:51:24 GMT
strict-transport-security
max-age=31536000
via
1.1 google
zoneview
ng.virgul.com/ Frame 82A3
0
222 B
Image
General
Full URL
https://ng.virgul.com/zoneview?c=&mt=1689115884146&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=153995@153363:nefisyemektarifleri&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.31731174149594277
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.nefisyemektarifleri.com
date
Tue, 11 Jul 2023 22:51:24 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
zoneview
ng.virgul.com/ Frame 82A3
0
222 B
Image
General
Full URL
https://ng.virgul.com/zoneview?c=&mt=1689115884147&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=155307:nefisyemektarifleri&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.04360770593887886
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.nefisyemektarifleri.com
date
Tue, 11 Jul 2023 22:51:24 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
zoneview
ng.virgul.com/ Frame 82A3
0
222 B
Image
General
Full URL
https://ng.virgul.com/zoneview?c=&mt=1689115884151&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=153218:nefisyemektarifleri&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.409754300008083
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.nefisyemektarifleri.com
date
Tue, 11 Jul 2023 22:51:24 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
zoneview
ng.virgul.com/ Frame 82A3
0
222 B
Image
General
Full URL
https://ng.virgul.com/zoneview?c=&mt=1689115884152&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=153260:nefisyemektarifleri&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.436601048352375
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.nefisyemektarifleri.com
date
Tue, 11 Jul 2023 22:51:24 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
ads
googleads.g.doubleclick.net/pagead/ Frame F50D
603 B
218 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115883954&bpp=4&bdt=683&idt=219&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&nras=1&correlator=3311523031480&frm=24&ife=1&pv=2&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.i0yur3un8s5j&fsb=1&dtd=232
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=www.nefisyemektarifleri.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E183
129 KB
40 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=www.nefisyemektarifleri.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c37e721a803d1e37439533716bd2ae47c0369fe38a511b0eff753fcbd11ed973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41078
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
expires
Tue, 11 Jul 2023 22:51:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame 663A
0
81 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.nefisyemektarifleri.com
Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.nefisyemektarifleri.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
integrator.js
adservice.google.com/adsid/ Frame 82A3
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nefisyemektarifleri.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 82A3
24 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=413980555089297&correlator=4454954471745868&eid=21065724&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240&fluid=height&ifi=4&adks=1855900369&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1689115883758%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnetb9cf87df44c84da282a0503c8f3b7d9a&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1689115884343&lmt=1689114300&dlt=1689115883272&idt=790&adxs=1300&adys=159&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=6tidph4w74on&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=0x-1&msz=0x-1&fws=900&ohw=1600&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a774d6d69744d8d30c9c2e5139e5bc2dc55ebe47d5adc0c2a77d9ddebaae6370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11486
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nefisyemektarifleri.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 82A3
41 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=413980555089297&correlator=3407643620975903&eid=21065724&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_tarif_gorsel_en_alt_610x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x180%7C320x250%7C468x60%7C336x280%7C468x280%7C600x200%7C640x205%7C300x100%7C320x100&fluid=height&ifi=5&adks=3546791932&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1689115883758%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnetb9cf87df44c84da282a0503c8f3b7d9a&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1689115884348&lmt=1689114300&dlt=1689115883272&idt=790&adxs=486&adys=6433&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=p9js4qrcka5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=621x0&msz=656x0&fws=388&ohw=641&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d6a32dfb02fde613154a6937354aced12a0180e4c1fe6dec9e2cf4073b723bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16784
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nefisyemektarifleri.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 82A3
117 KB
43 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=413980555089297&correlator=2157581263268285&eid=21065724&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_malzemeler_yani_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C160x160%7C300x100&fluid=height&ifi=6&adks=1562665157&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1689115883758%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnetb9cf87df44c84da282a0503c8f3b7d9a&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1689115884352&lmt=1689114300&dlt=1689115883272&idt=790&adxs=643&adys=2019&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=l1wo82je1q0j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x-1&msz=308x-1&fws=388&ohw=300&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f2a26d864ec17d1dddb16b99a884abfb77c315ee0c49522de958b06c0c3ee6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43883
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nefisyemektarifleri.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 82A3
24 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=413980555089297&correlator=1621145017530989&eid=21065724&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240&fluid=height&ifi=7&adks=4169634498&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1689115883758%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnetb9cf87df44c84da282a0503c8f3b7d9a&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1689115884355&lmt=1689114300&dlt=1689115883272&idt=790&adxs=140&adys=159&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=h6eqy1lnnghb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=0x-1&msz=0x-1&fws=900&ohw=1600&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f8d3780b783aec3093ff0950023e2f3da6ba5ff68297dd00b9c9ff0bdcdbda7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11320
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nefisyemektarifleri.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 82A3
117 KB
43 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=413980555089297&correlator=3758243459657854&eid=21065724&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=21728129623%3A21696649314%2Cweb_nyt_sidebar_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C160x600%7C120x600%7C300x250&fluid=height&ifi=8&adks=1631017644&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dnefisyemektarifleri%26mt%3D1689115883758%26pager%3D1%2540site_geneli%2540nefisyemektarifleri%253Asite_geneli%26policy%3D0%26host%3Dwww.nefisyemektarifleri.com%26url%3Dtsiz%2520nohut%2520yemegi%2520248941%2520%2526vi%253D10710800%2540%26targetCtr%3D0%26pid%3Dvnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26nyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%2520sal%25C3%25A7as%25C4%25B1%252Ckarabiber%252Ckuru%2520so%25C4%259Fan%252Cnohut%252Cpul%2520biber%252Cs%25C4%25B1v%25C4%25B1%2520ya%25C4%259F%252Csivri%2520biber%252Csu%252Ctuz%26nyt_cat%3Dpost&ppid=vnetb9cf87df44c84da282a0503c8f3b7d9a&sc=1&cdm=www.nefisyemektarifleri.com&abxe=1&dt=1689115884358&lmt=1689114300&dlt=1689115883272&idt=790&adxs=972&adys=1466&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ckndwzz8mr27&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=300x600&msz=328x0&fws=388&ohw=300&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f91e084516b5705858547aee3a7d3659a15c5af7fe56cb0c604d96838b4de112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43688
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nefisyemektarifleri.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unfriendly.gif
bitbeat7.com/p/ Frame BCAD
0
357 B
Image
General
Full URL
https://bitbeat7.com/p/unfriendly.gif?i=spt4ntkb5q5ru2l99px
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-66.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:13:06 GMT
x-amz-version-id
EE9hgHBeXFHY2gb85mUsL1p1qwyR4gS_
via
1.1 5d6d1ee413c782ab05cc32e601576462.cloudfront.net (CloudFront)
last-modified
Mon, 14 Feb 2022 17:22:36 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
81499
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
gJn7KPu3FZqjmxnT5pll4f1quFXB5mI2Gp863uH2_aaqB-hKnIvFCg==
300x18.png
placehold.jp/24/cccccc/000000/ Frame BCAD
2 KB
2 KB
Image
General
Full URL
https://placehold.jp/24/cccccc/000000/300x18.png
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.16.238.49 Tokyo, Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
tk2-261-40045.vs.sakura.ne.jp
Software
Apache /
Resource Hash
7876391f25f26ccf3297d78d34a1922dcc16c54fcaa51e8622e90bbc6fc96e80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
cache-control
max-age=31536000, public
last-modified
Wed, 01 Jan 2020 00:00:00 GMT
server
Apache
age
101398
content-length
1772
content-type
image/png
unfriendly.gif
bitbeat7.com/p/ Frame 44A0
0
358 B
Image
General
Full URL
https://bitbeat7.com/p/unfriendly.gif?i=spt4ntkb5q5ru2l99px
Requested by
Host: bitbeat7.com
URL: https://bitbeat7.com/t.js?i=spt4ntkb5q5ru2l99px&cb=3788821689115884139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-66.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:13:06 GMT
x-amz-version-id
EE9hgHBeXFHY2gb85mUsL1p1qwyR4gS_
via
1.1 5d6d1ee413c782ab05cc32e601576462.cloudfront.net (CloudFront)
last-modified
Mon, 14 Feb 2022 17:22:36 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
81499
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
0
x-amz-cf-id
IDDMJzZ1TOjTwU5RKyepU6bXngAUiTbUroXCTgiLpj_tzAPNqnyKYQ==
300x18.png
placehold.jp/24/cccccc/000000/ Frame 44A0
2 KB
2 KB
Image
General
Full URL
https://placehold.jp/24/cccccc/000000/300x18.png
Requested by
Host: bitbeat7.com
URL: https://bitbeat7.com/t.js?i=spt4ntkb5q5ru2l99px&cb=3788821689115884139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.16.238.49 Tokyo, Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
tk2-261-40045.vs.sakura.ne.jp
Software
Apache /
Resource Hash
7876391f25f26ccf3297d78d34a1922dcc16c54fcaa51e8622e90bbc6fc96e80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
cache-control
max-age=31536000, public
last-modified
Wed, 01 Jan 2020 00:00:00 GMT
server
Apache
age
101398
content-length
1772
content-type
image/png
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 82A3
345 KB
119 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbcb528af7c43cf9a3bad6ba2c2539e89722848b62ea05d11be29ea1949eafd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121723
x-xss-protection
0
expires
Tue, 11 Jul 2023 22:51:24 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame 82A3
398 KB
128 KB
Script
General
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
last-modified
Mon, 29 May 2023 18:51:56 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 18 Jul 2023 22:51:24 GMT
css
fonts.googleapis.com/ Frame E183
2 KB
975 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 22:24:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jul 2023 22:51:24 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame E183
2 KB
945 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame E183
19 KB
19 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRPQcxOzclBTlqbqehd7FK6DLfADIZJ9oIpB0ss22UOyRCuDyG2YOoSNsSZyw&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aeac4ebed11cf054b58fc877bbde0d561e61c2cc80f7ed01df60fa884c0dd13d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 22:31:39 GMT
x-content-type-options
nosniff
age
260385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19577
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 09:00:42 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 07 Jul 2024 22:31:39 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame E183
94 KB
95 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSXgHl-vAHob9pe0coHqCgnRULJ1kkzjZwxS73uw1SgUXZi9o80tjqVWSI2t4E&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec71b67d2791201d5d8b71b62df5b5d299636fe9d721a818d4712139dd19d63b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 19:48:27 GMT
x-content-type-options
nosniff
age
270177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96725
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 02:29:24 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 07 Jul 2024 19:48:27 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame E183
34 KB
34 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQn494gDplYbNi95p87mg-YL9PAzYhYfLd9oVEZxF3EDpQA8mD-8zIR7k8vPg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fed4ec348a9d1021f19419fe3ffee35e4aaca192ba7cb78571f5222265f0437d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 01:52:01 GMT
x-content-type-options
nosniff
age
507563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34570
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 06:12:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 05 Jul 2024 01:52:01 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame E183
18 KB
19 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcReYNG10ow02M1OAxvdK25quwrvHBV6pF-W8lZ5bWP3wNnY7SfygRo-zF3IyA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d22d46c8634370ea3db9cef192614da0f698628dd8625fda01ee205d74c2cddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 15:17:37 GMT
x-content-type-options
nosniff
age
372827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18880
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 01:55:22 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 06 Jul 2024 15:17:37 GMT
12902815231273958923
tpc.googlesyndication.com/simgad/ Frame E183
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODKz-eDfhCwCRiwCTIIjV9upJawnso
  • https://tpc.googlesyndication.com/simgad/12902815231273958923
60 KB
60 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12902815231273958923
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7031af00729209abd53f8e19a20c8b5970439a80d48990de31c8685ffe564fbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 21:28:39 GMT
x-content-type-options
nosniff
age
264165
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61527
x-xss-protection
0
last-modified
Wed, 08 Mar 2023 15:49:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 07 Jul 2024 21:28:39 GMT

Redirect headers

date
Tue, 11 Jul 2023 12:27:55 GMT
x-content-type-options
nosniff
server
cafe
age
37409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/12902815231273958923
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 10 Aug 2023 12:27:55 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/ Frame E183
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame E183
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame E183
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E183
179 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57331
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1688990556196721"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:24 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame E183
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 22:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 22:47:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 22:59:35 GMT
container.html
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C278
6 KB
3 KB
Document
General
Full URL
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
expires
Wed, 10 Jul 2024 22:51:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA0E
6 KB
3 KB
Document
General
Full URL
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
expires
Wed, 10 Jul 2024 22:51:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 09D2
6 KB
3 KB
Document
General
Full URL
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
expires
Wed, 10 Jul 2024 22:51:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 63EC
6 KB
3 KB
Document
General
Full URL
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
expires
Wed, 10 Jul 2024 22:51:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame C278
8 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 21:52:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jul 2023 22:51:24 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame C278
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 18:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2883
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jul 2024 18:51:49 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame C278
371 KB
127 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 10:39:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130330
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jul 2024 10:39:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame C278
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C278
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 12:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
557313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jul 2024 12:02:51 GMT
creative_add_on.js
cti.w55c.net/ct/ Frame AA0E
5 KB
3 KB
Script
General
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941&ciu=XROhqscfgR&btid=NzgwNDMyM0MxNUI2QTE1ODMzQThGODk0MTNEQTVEODV8R0ZRekJIMWJQSXwxNjg5MTE1ODg0NTAyfDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfDE4NzI2NjI2NjVfRVh8NDcwNzJ8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=nefisyemektarifleri.com&cip=1&hmt=1&uidu=CAESEP_S1bUwbHSjSXduWYp6k4U&spidu=GOOGLE&pidu=15222&hmpvu=f9fc04c2-dc68-4a61-99f9-abca77ee38c5&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:bc00:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding
gzip
via
1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront)
date
Mon, 10 Jul 2023 05:08:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
MUC50-C1
age
150169
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"a6c8a5bdec77729759b220b95bf503f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
cpS91vFXwc3vxmE3Yz8MynpmOB200mh8co2fzpaogZ00rYDKCbbgoA==
XassetCEYbEcSW.png
ads.w55c.net/t/d/ Frame AA0E
64 KB
64 KB
Image
General
Full URL
https://ads.w55c.net/t/d/XassetCEYbEcSW.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=NzgwNDMyM0MxNUI2QTE1ODMzQThGODk0MTNEQTVEODV8R0ZRekJIMWJQSXwxNjg5MTE1ODg0NTAyfDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfDE4NzI2NjI2NjVfRVh8NDcwNzJ8fHx8LjBQfFVTRA&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941&ts=1689115884505&c=DE&r=G-BE&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:1800:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
pTSK_3aD6MH1NhuW2vrruciFx4wLs9g_
date
Tue, 11 Jul 2023 08:19:08 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
53933
x-amz-server-side-encryption
AES256
x-amz-meta-width
300
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-filesize
65085
x-amz-meta-height
250
content-length
65085
last-modified
Wed, 03 May 2023 17:26:36 GMT
server
AmazonS3
etag
"38988cf71c0e9e66d0bb0693f05250c3"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
-SySJJeVBf9h67Jxb5OCfDf2KzXvfEMm2qBYmllo0tApOZEX0iAG2w==
pixel.php
t.hspvst.com/ Frame AA0E
95 B
922 B
Image
General
Full URL
https://t.hspvst.com/pixel.php?id=2677&t=P&cb=8158759786028598
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.58.197.185 , Indonesia, ASN174 (COGENT-174, US),
Reverse DNS
staticip-hv4m185.hispavista.com
Software
Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 22:51:24 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding
chunked
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
image/png
Cache-Control
max-age=315360000
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=3, max=1000
Expires
Fri, 08 Jul 2033 22:51:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame AA0E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame AA0E
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
l
www.google.com/ads/measurement/ Frame AA0E
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkx9YH_e8Xb6wiOdBBaTewc1Xaf1yaAePgjPc5ORipY6S7FoSczDt4l9NxYqdnafLWrqweqVLL3kzA_ne8ozyfAOBKaA
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AA0E
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 12:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
557313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jul 2024 12:02:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA0E
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57331
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1688990556196721"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:24 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame 09D2
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
17233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13672
x-xss-protection
0
server
cafe
etag
2805512053162071780
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 18:04:11 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 09D2
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 12:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
557313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jul 2024 12:02:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 09D2
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57331
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1688990556196721"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/ Frame 09D2
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/abg_lite_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame 09D2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame 09D2
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
l
www.google.com/ads/measurement/ Frame 09D2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYLFDoinObxzJVrkJl4JgxrngTS3bmDsiQg1uRPPOUh3NSmmTgBLLahEJjWPGmuOxOg5GYkxG_IL2yL9IDZ6Vu0mZMIQ
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

container.html
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5D0
6 KB
3 KB
Document
General
Full URL
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
expires
Wed, 10 Jul 2024 22:51:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 51D9
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhjFzOfbATAB&v=APEucNUt-QpygHiaz4OZ-f-2k7fVqARrtJWGkw3sE1Z4g8rV44e2BqTkT0iZyxUImRryeo_GgnN0qriWbJA0FfU9OF6B5wCzqkI5gie_ayqaQIiiYAJUmVj-P_jShAii0hQMkZw3QSYsnBH4EdvSIlOFHdAuHLXMbAcn_2ueJ1yHF6MOHOfij2A
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 63EC
85 KB
29 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 63EC
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ArCksUU6-8SB1uoSNFwYORI4YhfMvJDpFws_rfVf7_vGgnPaKx_lych6KpjhP7aR94zENjrc3HbNxmvKyHLI8xkIUIYOY0Xod20Ax0PvUvejuWUsY
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 63EC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1892159041868644298&x=1&ct=76
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame 63EC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame 63EC
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
l
www.google.com/ads/measurement/ Frame 63EC
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGK0y0qbIwdgnffGqm9Ev9KGxOxSeFlAG2odMpwYP92ecyK8Ptvsq5N4aYKt6zp17tVO5B2CAqJWsntfDh3LoBRZtJbQ
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 63EC
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57331
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1688990556196721"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:24 GMT
truncated
/ Frame E183
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c0b4cb7dced20c65ea2309b62a78e048f299549d8084e4eeadad4efdf1766a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
container.html
2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 276C
6 KB
3 KB
Document
General
Full URL
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
expires
Wed, 10 Jul 2024 22:51:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 51D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhjFzOfbATAB&v=APEucNUt-QpygHiaz4OZ-f-2k7fVqARrtJWGkw3sE1Z4g8rV44e2BqTkT0iZyxUImRryeo_GgnN0qriWbJA0FfU9OF6B5wCzqkI5gie_ayqaQIiiYAJUmVj-P_jShAii0hQMkZw3QSYsnBH4EdvSIlOFHdAuHLXMbAcn_2ueJ1yHF6MOHOfij2A
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jul 2023 22:51:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 51D9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZK3c7JItjehVWzs..FW3SAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1&google_hm=2
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhjFzOfbATAB&v=APEucNUt-QpygHiaz4OZ-f-2k7fVqARrtJWGkw3sE1Z4g8rV44e2BqTkT0iZyxUImRryeo_GgnN0qriWbJA0FfU9OF6B5wCzqkI5gie_ayqaQIiiYAJUmVj-P_jShAii0hQMkZw3QSYsnBH4EdvSIlOFHdAuHLXMbAcn_2ueJ1yHF6MOHOfij2A
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jul 2023 22:51:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 51D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN1_Ha_Sz1iFHuWeOKfGaU8&google_cver=1
43 B
840 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEN1_Ha_Sz1iFHuWeOKfGaU8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhjFzOfbATAB&v=APEucNUt-QpygHiaz4OZ-f-2k7fVqARrtJWGkw3sE1Z4g8rV44e2BqTkT0iZyxUImRryeo_GgnN0qriWbJA0FfU9OF6B5wCzqkI5gie_ayqaQIiiYAJUmVj-P_jShAii0hQMkZw3QSYsnBH4EdvSIlOFHdAuHLXMbAcn_2ueJ1yHF6MOHOfij2A
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
an-x-request-uuid
5678c6d2-09d8-458b-8d5e-8713830b9754
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEN1_Ha_Sz1iFHuWeOKfGaU8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 51D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhjFzOfbATAB&v=APEucNUt-QpygHiaz4OZ-f-2k7fVqARrtJWGkw3sE1Z4g8rV44e2BqTkT0iZyxUImRryeo_GgnN0qriWbJA0FfU9OF6B5wCzqkI5gie_ayqaQIiiYAJUmVj-P_jShAii0hQMkZw3QSYsnBH4EdvSIlOFHdAuHLXMbAcn_2ueJ1yHF6MOHOfij2A
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
an-x-request-uuid
944e4004-bc6e-48f3-aff0-2d30a6e03db0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D
x-proxy-origin
84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame D5D0
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 18:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
17233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13672
x-xss-protection
0
server
cafe
etag
2805512053162071780
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 18:04:11 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D5D0
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 12:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
557313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jul 2024 12:02:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D5D0
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57331
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1688990556196721"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/ Frame D5D0
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/abg_lite_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame D5D0
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame D5D0
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
csi
csi.gstatic.com/ Frame C278
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ljyvzi24&c=7596939883806&slotId=3798469941903&qqid=CNyVi4Lfh4ADFdSh_QcdgVECqQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C278
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 17:04:15 GMT
x-content-type-options
nosniff
age
280029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 17:04:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C278
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 03:30:27 GMT
x-content-type-options
nosniff
age
328857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 03:30:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C278
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CqRU-7NytZNzvCtTD9u8PgaOJyAr-0_evXM7PvdjqAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEF4AIAqAMByAMCqgTWAk_Q1upzr7cU4tfawJZTh9iRXSzNUV6NnERZduYV95IGYOSrBYptNs-LclMnnYYSO0vlMMCe2wmy2ucyc4RGvI4KsuV7QSh9TNOricHob3uagKCHi8vgmj9-PhyI3UuBCjhJmU4ijBTqIjUM-E9SMgUWPpGAFcRbuEbvXGi1_IQ_d0JsRxkzx5y04AfwRe2UeOhBt0-zQ1g5jyaKTZrciILuWUKUe8sUEAmJbLcMccS70fHIaAqhQ5XSf7XAx-Qh2jl1fntGDm0w1qCy-ezH3WmSQGFCuNg6G72BIZ31JJgzIJIFZhE2wAjlBxgPV-nYdbJz20tFFUizYDwD5hFtj3apN-zPJ4rYOPwgGqrAh_ouNVkAJlmNLq91CxaYlgoxREgCprkPAcsMDqoe08AOhBTwgpl5M229pjzrS5VST8iFJ_FWYV4CZ8enZfEcPvUSLPAwYPaocuAEAYAGibfA_vS0426gBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYxNDU3NjA5ODQyODMxMzP6CwIIAYAMAdAVAYAXAQ&eventType=clickstring&clientTime=1689115884884&ai=CqRU-7NytZNzvCtTD9u8PgaOJyAr-0_evXM7PvdjqAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEF4AIAqAMByAMCqgTWAk_Q1upzr7cU4tfawJZTh9iRXSzNUV6NnERZduYV95IGYOSrBYptNs-LclMnnYYSO0vlMMCe2wmy2ucyc4RGvI4KsuV7QSh9TNOricHob3uagKCHi8vgmj9-PhyI3UuBCjhJmU4ijBTqIjUM-E9SMgUWPpGAFcRbuEbvXGi1_IQ_d0JsRxkzx5y04AfwRe2UeOhBt0-zQ1g5jyaKTZrciILuWUKUe8sUEAmJbLcMccS70fHIaAqhQ5XSf7XAx-Qh2jl1fntGDm0w1qCy-ezH3WmSQGFCuNg6G72BIZ31JJgzIJIFZhE2wAjlBxgPV-nYdbJz20tFFUizYDwD5hFtj3apN-zPJ4rYOPwgGqrAh_ouNVkAJlmNLq91CxaYlgoxREgCprkPAcsMDqoe08AOhBTwgpl5M229pjzrS5VST8iFJ_FWYV4CZ8enZfEcPvUSLPAwYPaocuAEAYAGibfA_vS0426gBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYxNDU3NjA5ODQyODMxMzP6CwIIAYAMAdAVAYAXAQ
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C278
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ljyvzi39&c=7596939883806&slotId=3798469941903&qqid=CNyVi4Lfh4ADFdSh_QcdgVECqQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.m5&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame C278
31 KB
17 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DSGI4aIcT3DyE7mdZc2RNnTWpcXbchQwxR6guFD0C9zcu-gEtL84zkAOqgZ5svAQJlN4lbnSj-73_LRVeF3MC5fdsQww&cry=1&dbm_d=AKAmf-CewuN_w2tWWIFucIo4uu0XVf0z2nu9spDRkY_sJwGU2mSHpuSYWcFrpXljkm0CWM7bA7lVz8AWRA-7a1zteEG9BtzrNSzcDGYuNLJMznJtg3-7HgdF8rzX1xzkfqv3qeHYKKfEr7BbcUSyU9GDdszucdnRDI1tRc-863Czoj7lUtEAReYRIdGNNX1LklTe93xDSnYNgQ8Vu3Jc8walMBUfK3X18Dvwn9303qw3mDKgLQb1CMQNcoYTlsT_0HtTr1tywGwg6UjkyjqeNB6skrZ-AMnUZy-NjyY8zgiDcYaCbfaMZv49MRauKM52K8GOJBDBl9UZySCYDLTi5IYvWjLdAVHEvFIamWVy9e37reRIfpHjPSihf52QdRZmBgiAHWGo6Q3VC7FAUFxTHC4FjoSESMxKuciuIm-YqXCn4qmUxhVQ-5ccPfBQw3ho1aSVG1eOuswxi4zezymF6X8deI0CpsNlCIE3IpMuf3QaBwG1s1VdlrGukD9lCmJBr8oYK2RYACMxvHsgSB-0ERHQHKerpAb7V1ETFI0l5gIMIpn6_LqCd_QQBQKVBvkVr3k3EjQjrf7NQWIOnbMWYsPROTkKgh_mlX0TMsN8WSB6lbcJPo7wGbLg102ry3o9kT_BJkv7zDLoUCflfb2PJB_2AjLMKyLjgr-Rmz9JpZC4suh-e8IV0m6xKXaGm1O8fJ_79gWMDWq80Llbr8aQeOhAS7Ntzr4RFjl5kIGt5zSaIqB3bx37Fi695W1HLHC6z7vHYzSEKEF8SMa8D6oMhPrC0GCDsMcEoNjEHSRwFto4j3e4pD09Ev6EXTwVVv_HZKn2MX_7fVzy9PAgj7HZHATSHQ6V5ZepYW9VCba1uuMKPFulfkSgdqyN2dvB3gjRl-ahM6Nnya72pPJBzP7VtsIbVo3t8NOT5uRi_2e2nLUIDmMfVy-B8rmQPinHUnF-UWf31A_z3OaOAyVHZRlQsR9zkjyFzr2bA4nOcOqjyZYWZ61L_wHB-q9vODo14lg3fy6KFzLTXnGQvH6YQaMMDPbd7U4b1qV-MV56y9NgiJv3tLxzIQvCtopFINbgEe5uyPRwMo4tFzIej6sq3COPKfUxJsb_fjZDn5dqSOJiAKt04ml0TBCPtVXEHJ6qUeU_GLz59IxgYw8SBebSvXbL3wolsoY_BUUc8kElZrPXSOjcW87Vwol2DrZghJoqOaIMmREayzZNjeK57vYqLTAUkZV-xADFW8PN1KLdYRnT7FHAovnvTIvPK2KilSeL6z3uZ_U3SrKxt6y6YRUhnZuoLbeP8NMxqifLhdbiSGm7yZFnuXCp-tHzaIx9puytOTrNQH0H62O_WRW-cAasQeVWgxtZ71b1XDURzDqU2v-LcpXK0TD1k5tatM4lU6jjzdA1Swu7vscVZ2fVxE9oMEHX9PaGYNN7uVy_9ut4nAAplRx68f2qaCqzVp2VV_jDgoesDeOXB7D-x_wPZosO7ajoP0oSbOsskP4vKdSad7ZukuAxYSyB-7pdXDXoMbyW1YHLYriuXA-5ap7fii1X4XZChwD6hcnxmR2w8ymx06D5OkwylsfqbWrvRJguVcKS3RXP-2auAxvTOuKW8tGPJ__c60iCy47FPYoNPuyGRW21wrSz1OvDZpqZ01HilhhEyQPES5iSpzE95e-W2du74oj1eTw86m1CEfRsKdHzBLhRbxCPCrxPygQNpVZKJwBU8Jfw6Ih28pq8KhYk-Ulsvob2eYdbRic679FcIYQQYFkOc9FdkBCSE3UKNlcA9GDUGelwYWfLRrgY7no-v2K20-vwIfm7V6Gzj5pfjPVLqLBC7LdXbScKWLgk9627147M1FzUmvr1-43IV6V84t6RvORLStpnbNWyaxRgObxYvmxhHcG-5lyTCBHXYO7GDB9VjsA7bOfkwF-GlnC6dkWrSwoD_s-Da97fRe5iwFBzHM4jxszkz7GuD1yaxvK3a9YuB-il8hlz0UxKnKBf2BRqWSSmQhyr1hM9jzK7v6VXf4IbDDa1l6vbgJD-aeTTWa9FgY79Bmy06cCYA08Zi_usclEqxB27VMMYKVPmIk1f3_QzdE6xWQ83i8ZK_eE3PtCFavl468irH7NcP8mko5pj3wqgO4uEXFt4gbrceX5KRTez5cmy9n_m0WmYkTbHW-QKEXiQ2qXjNMIZynqTMUy8JN8cV3F_sd_6relACNluenY4O41r5MJ5_bDkl5UJT-cjM8Ww-RSR6azqAM_8HKUUCy9_TgP9vOxGBv3KKL6GDf_QHBl2TgaxerMfNr-MOvqZiCWPq0ItsdoNIOc9tZaNCBxenX1z1rbP-Oyh_sWznzUhfjD6P3g_a3qcVdY5nyefa7AYArbcqLlhyQDJdsZawVtlvPO9iPktn2XbMxGDtb-EsfhPJ3_XfU8G7rNOEm6QZaxvYmEIYuG6eOzRmhMXtJGS4frMDc4S48ZhHf177R1qHk2PZppzWK4jX-iHC9nOA_Ibo_evRvO3czFAHBpUAAt65Yc2Tck7brLHkp9WBiWdw2gfNmLvfugVlgSGWFfGWfHvzyqi13PzU1Y_-fvv4wjaWlAPT2ZnYc_sfdDXuzkxYPyLIYKOin4YxE1_NUr2f39oZgUo5Q5EisWfT2N6xRFJPoIbLK9o923Vqe2CkkkUAdDMPcQ3GN4OKq0hEQ-PcOJl9G3EMK4lGVtszRts5bYSN8T-7gBEp7vxUdtIFfpZ7ud5BeRySuRZZX89PeBTbHYk3AgSokFOMS4FiterH7-kZBaj4o5008_o5mVoODPEeRnQSrEaIKEIuaasb6ibd9wT7lFAC73MrfVTW8ITSIgs4r5HQU3W-rI84NijAGTbjRCe3XibuiDaBoPRZeQcT6pOp8XKlOxMzZlM_aaGpZWpl3rhFccGeVI41IYnzlpqFugEPsWifc2FP10ZmJUO7Yh1GYhkwYj_sTojEyxoCWxP_Lnf-hRXZkYxHCtGDPE0xgOZEf_onZ3_Rdn5CKx9BBFs04Z2KZ1fqASdhUv9obkL8ky1e6SyXlxngII7yL9SjKiptj7biLu-Ij5iAwQfi8bBgsLk98R28-UFFlzVzN9ICne4XE-hfmr3OzRYMT6A_h2deplN2LsonjBW3-q4mxS7puVR5CKT-gkI52ZAJTTBMfhJNOZ1rcujjWJUynlYvBR-5nWoAiGAIrobIeP0KoMA3mqMCUBT0-uKd7JQbOcC8eHm4GtIMH5E3kfHFQker5hKuLwN66S0WU9V0P9gxu-ZCsvt2B-cN5Nb7QnAR-ifgu2TmYfxKkoAQS2pvlR7P2vvN7OXZt2IUrIF92ijNWKT9wHTSStXJLiqs9xeQj3TRXNU1_XS8SBZGbKTSQ7IlR9BUhmVq0NsXAUOr4ppy80LCGCC-rnP9MdPBvwkVuhjbnQ83GTia71NcupAx0sG9WRpwYA_8w3RtYQUvv6sIxGk6vAbKpMTbXlSA74dhm3XHTKw_3Px-U5OWwAMAv0UGSkY1WzJ3R6bQXIjSqU0fxwJ_ys9HQOt7GDUXC8bZ9Ecu12ntFi8nSp3vkK0ZlDuYHR3Uv6NE2qZGCRQl0v-OEYgyPyXTKijjd0oDnz4-jzrox4IbtQ-arheVZU8lks8TrXgsdGPf9vcTA8bT6M7yRp2HN2rQj0o95YcZumMDPBD_5lT6KXlY-1Pow&cid=CAQSGwBpAlJWdsuQLMvGC8z8o8JOBoBKVjD7HLf2xBgB&pr=8%3AF49C3BBC4F2F695B&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.13.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f154.1e100.net
Software
cafe /
Resource Hash
f6da869b814fa204f7109593d8e47387126a282befa031432539fbae24e81cd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16857
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame E183
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 16:40:42 GMT
x-content-type-options
nosniff
age
281442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 16:40:42 GMT
15629682945020113348
s0.2mdn.net/simgad/ Frame 09D2
73 KB
73 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/15629682945020113348
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01809882be6214883d2ace81489261074e4f535c00b81fef0a8e740a62bbdc21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:55:15 GMT
x-content-type-options
nosniff
age
28569
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74838
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 09:33:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 14:55:15 GMT
2508361087320220711
s0.2mdn.net/simgad/ Frame 09D2
15 KB
16 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/2508361087320220711
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3da90bde27fee4f5ade69c8712a93955fa6f00fe97577a7f26a0496b9d51b121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:55:15 GMT
x-content-type-options
nosniff
age
28569
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15797
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 09:33:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 14:55:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C278
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChgwT7NytZNzvCtTD9u8PgaOJyAr-0_evXM7PvdjqAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEF4AIAqAMBqgTTAk_Q1upzr7cU4tfawJZTh9iRXSzNUV6NnERZduYV95IGYOSrBYptNs-LclMnnYYSO0vlMMCe2wmy2ucyc4RGvI4KsuV7QSh9TNOricHob3uagKCHi8vgmj9-PhyI3UuBCjhJmU4ijBTqIjUM-E9SMgUWPpGAFcRbuEbvXGi1_IQ_d0JsRxkzx5y04AfwRe2UeOhBt0-zQ1g5jyaKTZrciILuWUKUe8sUEAmJbLcMccS70fHIaAqhQ5XSf7XAx-Qh2jl1fntGDm0w1qCy-ezH3WmSQGFCuNg6G72BIZ31JJgzIJIFZhE2wAjlBxgPV-nYdbJz20tFFUizYDwD5hFtj3apN-zPJ4rYOPwgGqrAh_ouNVkAJlmNLq91CxaYlgoxREgCprkPAcsMDqoe08AOxhbQEEzi2FkWTX9Wn4vrs3-5D_h4ef6pq9kek08CEu3FkwMEy-AEAYAGibfA_vS0426gBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYxNDU3NjA5ODQyODMxMzOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=aQg3zfNdNms&uach_m=[UACH]&cid=CAQSLQBpAlJW9a-_N3gFuYcQWzm7lILKjR3nadDWvUIDItWRv03V7Ce_qnAFXYx60RgB&vt=10
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame BDBE
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGPjkxe8BMAE&v=APEucNW0mhUJ4LlfMtwmf-p63pxMsTBl1JIKQ4unzFa-OgeNHi6DwSSvSk-D5EbaD8QrUVmxP2LZeEuarUXgzt0_jW8JpWSzsgkerCRxWnCphHYZzgjMBtwrAecUe6Tr3NF0HB5m2B7dJF-kkBxalh6O253KUoNpfVc4jz5lq9Zw80lIHo44X7I
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 276C
85 KB
29 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 276C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4VYZVcQ3MuOf_6SKTta2YTwHCXvv6Uo6gO6uhXHGL0tnzIRPWCEuD_zgCJcHKn-W2aCMGRyDEUkYdmfMjnwWzc9xZSI0_lCyypthB_8dIJnbHkP0
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 276C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2536823769720020102&x=1&ct=76
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame 276C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/ Frame 276C
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230710/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
10330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:14 GMT
l
www.google.com/ads/measurement/ Frame 276C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpqvTucUOexgvZRkbCkQjdDnsPvMG4wvDktcSEgze0KQB6e-dm2yr4ZJ-VFK1g0XCFtfwqhZaVx7k8lD9z5-b_yoCkaA
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 276C
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57331
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1688990556196721"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 63EC
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2753371522020&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 63EC
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2753371522020&version=m202306200101&ct=76&x=1&cor=1892159041868644400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 63EC
98 KB
39 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbeE3W2OiLHGXeWMeUuo57_GWcGIs-hUmjAVJDexOahovZD_F1u8FhLN_cXX_lm4Byfur3otZsho-45xJHEzk3VAIbyytOeF9kAsKiBpqrZWQ6x08&cry=1&dbm_d=AKAmf-D6GACynMarnSPqdmyww_UtWj2FKcbLVYhEJ-wY98YT2Ha_Clrm-67dJO-xqQdgNuAh0346ZH0bwNUgOdMBMGi_ii7SXXfbj8yIvBKaBVJBuwX-87r2K4gkoa6oMLgAtoC4f0EiMPCkk-bE-a28ePjU0FBjpmlMzEUDpdwuYmQO_fmIQkJ8Um6uOFSWjGVDKVPeulMDZ-XbFpHJKOlOGogeRa1C821HDJuBYqgc1xVdUUQFuAIzCcaKJCLKcgNrVkhETWkYC_pQ8aZqG0uk_01gxefWOIOHFP2SPr4KkU38iDX5KPPibSyIu05GVOGfWzTHy83ab_r7eoEOV4mF65WnkRv4ZF2tDmJvdK0NQwfOrT-syHCHls2oe9OLvF-6EW5sLGjgZzMa_XBPK5e61hLPgQoerSu_D2ggTXiyS8TAfO2PqCEj9sgGICd40at6cJL9ahai-kTkfZpZl8wTWl7MFW0tAdzh4SDY3RmJTEHgC_u2OMvN_gW4ziejkpGE1F_oEy-vr0hkNl48_i02RQuuN3DXZTP-SVmKShPhKOsFz64eoIaoOfl3vtGk2zvFFy7qu9HpIihzdCRtOcAUa-W5xa3FPw4A3sEouslI30LHx6nGIlaHBagxcn-f0aqcySs6LYThemUi3UJyALmrOr9DCPvajEgHE8eXoSlPPV5ybPu_rrm9ssL5bet4Z_iWB8CwuTco_pGs3aOXTJCi2QdOQC8qgLGEQEiwf3wLgRI_IE77Pa4OGp5KE6zGZJ5YXkgxLKUPd79V_V2YowzYNQNHXiH64zHmlLwrtCAC2_oW3lJKVAGKew6yp6eiTBXx_ilV6blfsTZnQ1MA48Q5v-GiQOfUGVcx6kOXcxPbl-DpSYSnlbKYxxn2uBKJq6KUB9_ve51BHHgNqcw7HYboyf6aqfmnEeRqQtOCGsdkyIvVvOi1dmqCEqXOBHrgKvPMFTXeG-hkXxCBmBYW_zFE5KDGFgG-1oaustxFf0-RZCWuX17kxAWRZRTui12BfAuPGqZHyPkT2V0Gp73YMmRJx3KHrB-1PbhocWaBVVp6nV_xKih4ff7qx8-P4thrkVFFgg5L7moVVrg658fUbpyVqi11klVvv_12eJtGN7gpdTWrSmFyZP3a5O8zHbpmmJwYMI09IuyWFFiATH9R9ksLezotqgIVEVb6_V21jB2KcCgTj8o48ZLRWBGmkST0Csu7SoKq5Izm_RTsF1kqBb_pxTblnOfCn5nnMRsGhdb9dRtat0mrkgvKAbnWH4Rg-giRk0J66JgtwbQBy6xDTf8sjq-GUKoGaJl4RJU9Z7M_Mrd46DToeypAAKiCl8FJfvJhKc8yIKqUfW8mkJV-OdxQfNVae2D07lnm4MoWZH_3ESVV_QaIQDsNzFGbyEleCh_DIA50bG_bfe-AM9iyIAXgvCor0offkHY0AC8F7y7Nf-az_Ou0PSQP65Z9KihX97fp3AGo7qa36So3PjoNRHKHWyrd-1okGI4k0kRYSoyBwtLduCbmpm4sWtSl-EFm_BOmGwY4UwHiS8kazRaWEJ7GEmtroUlkzGZFX_8VmKJJCus9dMryz19o30TKIT-VyBzAk3ra5XeVEKSoyNOj5fd-LelroyGVAhd1OQhcwP7usAcG0y8DvDY_9CsH3Z1OQY8wMlF59D7XOBuFXNPd6Vh7RpfupG4flcZZnCbwt4pqqqDWbcBS8DlxCCmcBTSCjdUDw3uUPoqy_wGENfGqL0iJitF_u2Ju2tgX5sfE-LqOWRUHI6hqLFR9SSOOvfP_0fuep-nj86bfnk-IOTH9aKh3_aFpoOsnAkONslR9rHrg1G4H5XPvz-fOl6-slBAoDzxrzbrQEXWfdedFD8gI1KsBUcw_b9SRPvJrzjDvYKgjsQecCSFAdOLuL3tp_IJaTtOivmMaOxc5O1JYxTji470WTzABv6c5YpMVtGxSqi3EV7dhfmvaIhlIIc474ZgM9qba6hs8H9l8BFl6GyGoUPSnHwNdRx0Cqmq36XINQ1HPwLGquTA4SCsETHWRSafW5DmhXm569Jq3rzLuypeGt2Y8K_9YECdxn7J-2K5CFM_yNIxRRCpSWfSD6_IRZsriZbKUY2fkNpb5b797VrVcBRk6a28CBGW75J1AbJz7y5pbSqXsGzSxi9fFfyuqsJA4uPJaZiQNzhkMpiM_zIdSj_PTtz8wYCUir5kUJbpDkR-2shrn9TUDGfGPyzZT4LGTPAshdXn9HRccU_eAA6ybue8YPpEbDJjq7QdzvDx1L7AKddJWszpBUcINWxbW9WU_ETKjucEOiLNEL-4E2LjFsvw2H9wwiRPUUMWJrggFoCI5DOlyFYo67qMGVQW_uyE2J5y2rc1m0DtAp0QjM_qUn-CVLgR-o9ErgmGAZI39n3BCqyeJvT1qXsXObU9uCdrzyhhpBrZjQ7hM0swpfFR1tsXkX61bCBprqwFXoC85Ed8alBGNOfy8rFXA5ULkYVa5A_yOOarPjmdN9SbIIA303QRNR15ke9krzXa4KzXjuJTqaUUeP-REYKhnMyoTkGW4Gvt5Z2TPI29jSS4ulJbo8tZgKAbh5ZoXv2NQ18guMbznzCdIXMDhaMow2DPAJ-5aP_UzCFkfD6e38D3OveS3TYghSjJmSED9f1adcwwi2VKlL91Bx4mW-dmcQknl0t37IbYXAO_QHL1XaAPW5sH01vxw3yCPhX3IlYUIirSEMG8JlT-CCBzCM2A28vb_CpiNRFprkZsL76dLxQP307Ic2h90k4eHDDTrWhdAud4vSSFhyTdkDjAEBh9oSeeDzA2mXhtOC8Wfn4UvwHD_LYCD6tMnl1c36IbykkkHcHFxvq4qQ1ORu24eBGqTJH97hx_fXFerIb0KM8l3GYNIedqiJzlgh0YrSPm3_ExqnVhXWWbIIS064N_1BuXoWkJO2UOUv7nj06SFaW1_wOGUVL2lLbPcfaOOmDaXZI47IgJcYHxV6a3A6IC8wvcwteKsuwhzKWS6OxXbvqBe1naknF_JuBAR_vIKH-1boEIZgmU2_aC40L2PyDrfmNnG5xeB7C9EVhPtyEgayFAOS6xQK1fg5mVBvSz7Kfq5clnJDgz_HmvzAeZ4V3-XKpvJHRGAGj2rawOy-XSL3AI-VocgFEd0i80oyfgumrPT5TsTSA4-78L8rCb6KXImUFo5CcUpd3SiLlJSPOFzxGzYZ8mlGkqY-BwZik3n5HRni7rP258osQhC4xaH-aP9swqwES5kC3PZ9pEiqp-vQpQfhyt-6GZmQ4hOItvgY4EVwS6BnknELYfO35dSAuKo6pise9Dhnc6lNLSTzd8_JC_QFSgTIktXiMJBjpWvYfXXJx6qsb8x80CKE2hS9ROjVEEsPOE0Y60JCtP9XBFH7nZPMhSfw9-mA6yTnO2DwVpJQ9o1wQOJhOXgwo1yy3dD1_3Y_dPZiuzBrZuDQFaHlil5oi7Pw7UAR-s97UQQ1R1DeLpiU0i_rNOXe-3W2UXBIXQoHAY9mLfy3p-N-1rF5RjBW0jZI7RD2pyPG2P1XaH9zU9sZCKR6VlJrB4HrfaqFDZgQh-3ibmHpBlH8xVdvYgmoGr1JBT_m6nqhXyEV-7qLoW6xveyGY0j2084I3vbHG0&cid=CAQSOwBpAlJWGRlRduoLJVDvI4dLCYM0Y0A0xIwDcjzBBK2YD1ZZ6FAmZwORfTb9VycXaVd73wiB1VrZvVq0GAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=1892159041868644400&adk=3563752640&idt=94&cac=0&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c2dc02f807ed24b4676773299c7934e0e1b746bb37b41a088902abecfdcb34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39518
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C278
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cd8527ea46e45c657ae0a65f4b2cef4e3fd6a5acd68f436a6ceaf7ad12eebed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
64072230e4b01f2c7579523a
ng2.virgul.com/tck/imp/ Frame 82A3
0
222 B
Image
General
Full URL
https://ng2.virgul.com/tck/imp/64072230e4b01f2c7579523a?g=1&t=adsensecode&r=153183@site_geneli@nefisyemektarifleri:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.nefisyemektarifleri.com
date
Tue, 11 Jul 2023 22:51:25 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 179B
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Wed, 12 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AA0E
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
175c106d387520c55fa4e30c138847d3da86b2ab8f70f2a3168801fc48b0e5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame BDBE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGPjkxe8BMAE&v=APEucNW0mhUJ4LlfMtwmf-p63pxMsTBl1JIKQ4unzFa-OgeNHi6DwSSvSk-D5EbaD8QrUVmxP2LZeEuarUXgzt0_jW8JpWSzsgkerCRxWnCphHYZzgjMBtwrAecUe6Tr3NF0HB5m2B7dJF-kkBxalh6O253KUoNpfVc4jz5lq9Zw80lIHo44X7I
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jul 2023 22:51:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BDBE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZK3c7JItjehVWzs..FW3SAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1&google_hm=2
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGPjkxe8BMAE&v=APEucNW0mhUJ4LlfMtwmf-p63pxMsTBl1JIKQ4unzFa-OgeNHi6DwSSvSk-D5EbaD8QrUVmxP2LZeEuarUXgzt0_jW8JpWSzsgkerCRxWnCphHYZzgjMBtwrAecUe6Tr3NF0HB5m2B7dJF-kkBxalh6O253KUoNpfVc4jz5lq9Zw80lIHo44X7I
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jul 2023 22:51:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJPOXT_2uhEdk3sIUx4g9Us&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame BDBE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN1_Ha_Sz1iFHuWeOKfGaU8&google_cver=1
43 B
839 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEN1_Ha_Sz1iFHuWeOKfGaU8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGPjkxe8BMAE&v=APEucNW0mhUJ4LlfMtwmf-p63pxMsTBl1JIKQ4unzFa-OgeNHi6DwSSvSk-D5EbaD8QrUVmxP2LZeEuarUXgzt0_jW8JpWSzsgkerCRxWnCphHYZzgjMBtwrAecUe6Tr3NF0HB5m2B7dJF-kkBxalh6O253KUoNpfVc4jz5lq9Zw80lIHo44X7I
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
an-x-request-uuid
b71ef870-2317-45ce-8491-07b94eb79831
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEN1_Ha_Sz1iFHuWeOKfGaU8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BDBE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGPjkxe8BMAE&v=APEucNW0mhUJ4LlfMtwmf-p63pxMsTBl1JIKQ4unzFa-OgeNHi6DwSSvSk-D5EbaD8QrUVmxP2LZeEuarUXgzt0_jW8JpWSzsgkerCRxWnCphHYZzgjMBtwrAecUe6Tr3NF0HB5m2B7dJF-kkBxalh6O253KUoNpfVc4jz5lq9Zw80lIHo44X7I
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
an-x-request-uuid
27d65df2-63f9-4a53-871f-09a88c1f430a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D
x-proxy-origin
84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E183
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIH787NytZOCKDoGZywXJqpz4A8Gdrs5x4dWUuegR8qif1po5EAEg37fwaWCVgoCAoAegAfuUlcoDyAEJqQKZ6G7ZRneyPqgDAcgDywSqBIMCT9C7SC31oXGPubFplhAR-LNTixLO2f9KkRWY1F17uLroXr3Lm82jHNGxfiiBhtuMgeyrYrE2KBURPtJHvVtXQarJD66Du3iGjKcLlzJuiX6WShJsIMigE99sne5vT9hwoi6aEFqQwREb65v1cJfGUAAludBtzYEidbW3QSVsjkfzkmI9yUP-uJVHk6uKf5UmJDW0LRYM57U_BBcPWasMR1eelhlCZxLs4ELxCc-Yto1pong4YByKRazmWbWqHj-BmYd7ujjmRktgwvFYguCRUNNcGEmXEVXLR49nnCcp563-DnV8f_Wv4mY-LvPCL36SYuUXkra4s_-BrExZz-y5i65gY8AEmOjPtdEBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_mpoEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEK7pAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwuIFAHQFQGAFwGyFxwKGggAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=bh0g5lDc-cE&uach_m=[UACH]&cid=CAQSGwBpAlJW-kw_mC-yGQ0bPaks-1JyHyfIGRLQmxgB&template_id=494&cbvp=2&vis=1
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame B492
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:11:46 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BFAB
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Wed, 12 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
15629682945020113348
s0.2mdn.net/simgad/ Frame D5D0
73 KB
73 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/15629682945020113348
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01809882be6214883d2ace81489261074e4f535c00b81fef0a8e740a62bbdc21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:55:15 GMT
x-content-type-options
nosniff
age
28570
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74838
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 09:33:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 14:55:15 GMT
2508361087320220711
s0.2mdn.net/simgad/ Frame D5D0
15 KB
15 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/2508361087320220711
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3da90bde27fee4f5ade69c8712a93955fa6f00fe97577a7f26a0496b9d51b121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:55:15 GMT
x-content-type-options
nosniff
age
28570
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15797
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 09:33:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 14:55:15 GMT
truncated
/ Frame 09D2
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53fe8422ed4742589fa5494ec2615bc58525c89a62a54755f77778dd8661630f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
pagead2.googlesyndication.com/bg/ Frame 1F74
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=280&slotname=6444949229&adk=4082077109&adf=3927512983&pi=t.ma~as.6444949229&w=970&fwrn=16&fwrnh=100&lmt=1689114300&rafmt=1&format=970x280&url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F&fwr=0&fwrattr=true&rw=970&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115884002&bpp=2&bdt=731&idt=187&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3311523031480&frm=22&ife=1&pv=1&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.1oxg8e5xb3ne&fsb=1&xpc=Ioj73wlDL6&p=https%3A//www.nefisyemektarifleri.com&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 11:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
126649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14572
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Jul 2024 11:40:36 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 09D2
42 B
63 B
Image
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8vWUC-Bt-Hw_UI_exFXQmsoYF0dIjEf-jv06joaEniL5rmmm3Pq-aHnQQbJWgmJ4nxdaQugsEQoLEsY-TrTjyr5iqLmnYuB9gYS_icZxBgdLRedCIxev2uoWaihTPt0qVYqSNn66ylizQ6OBZhdr5xKNdHw&dbm_d=AKAmf-AGc2ByF-jnwUZw_oIBH0Gp8arY83so9wdUBjykTUn5UtKQERMZXOBaRmnoEsnCayilM2_inxbE4pjwnBH4RYO1JGgnYXZ5zYx5R4e1XZomk17C-kyK57mJt3T56uWzsWCv4eyM4jDEj3DyRgBhetH2WeO4fbpGbFTDF-PwDQ_rGSkFbRJXjNcV7lon3Y4x-79grvlc7u4fSiLrgqWqWJa_Xqo-Ekp8LP1G_S7RQwgH-NQGJ6XlM2ZIgRP1aOfN5NavLLUIL3IWSoYKn_mliwlnSpb-OkLT9wHf5YBpHT2SlpVxR2WisLl8G6QagBDZt-QgXLbB-OZjIFfOJ5Hwyrf05PXKTIcedoDLh0R43wtW57mMJk534SoeMKbkEeVvO7segPmByXF6kr9LN9b_3-fm_JwkTPaaZLkuEKW8zSVUO1V-A6LQZs3sHsMQiBsn2Y4OmDObe6uaTmKgteyMXeSd0Uz67T0UJiNcZL1ofQ0pbpzn8pwReSYlms9wUFwXTSOoaSC-kdWLfDXC9ffUnsfSj-Ff8VrEgOid_QtTiQGCWvGAklvKMGsVleHulw9kfDm4nSbJY5QSR2T1ieE4XFyFv5Oo0MwHkgUjbxayNPC-lk5JJMB6Y95bVLJmSpFu0t1qy5P8kzlq_uZwPmMOPd_sNHfoK6-3d6ijqaiVtYEAM-_Y2r_EZrEO9cyFPTbWP4GEKvnNHXKh98DBjB7GYHZiUP9nZGzw4DpTw8H9HpCb5y60C05dw3Ko0tbYdZM5q9DRjU6he5YqNxbqm3_sgbgrm9OEUp0gpUXeudwGvh5edt6ykhqs6I-J1sYT89DOpA7HAVyoC36_u9fVmK6gPSxOxjBroSyxV0EQO02oJWePPOwBB5BXEj-FpiK0XCZnCfUuhxDBPEKm4sLgNQmALgg_o-GZYrARBDBhN9zq8g0GpAH7TMLYbJjhIcAsljvNGKimdMPFTG6eFWDrs37fzgvN_5cJ_fzdkraYuTiE522sCvMy_1EZFc5d-pFvVt0wdNZzslzEY5yaza2H0IcLNYjsuGibmk-FsMVIgwS64QgH03hqJNYdrN5aAH7gTuMW2gtjMA4KJkcG8_ExDkXTJbHcjd93uQHXBtXJ82cBWaDmxVs_kODnxYNi0rzISG-rI9tC32xhRQUhLVkUCEfDgNocCOKTO6bsmP4yfR14gBoyIPVBkQ_mN5876R3S0qDsUggQ7whY50vsjoTrGF_hqU5WpYBjxhGbvIJxMZHzFq6HRkEj88UdbabtuD0gN3lxxz8umamBAIc4Sus1kzRP05l68jwujAbztI7QipN67dfl_jI0-gwQTer3EPkeM9x3rKOxs-jAkMe-hQW-EI-axdUySlWNsQl-FEq-B5b7v1vx3WXmdIEtQ4XeHAbD58125kl3Si_ZKdraFx6nEkwvM1k4qa7k2WTiq_R4_ifJdIsexacgeFguTaGlH-5hIaTMoD1BS9Nwcb_NyhJqJg9WLBLPLsKJw9vLCrQR3VwszigrPwf0cuA18NeGEmcZOrbnw_ixSjH1iMDdbjdDF7grnDpzpqoB7OKrCmzECaoQF_SfxVA7ACv31-y-WlUxEzVUBmvY_01AYAXVJppEgbBJgS2-reIVT5pBYdaoaTQ7k0nYJzDSvy_FbuupCCDravZZ6QedKiMQJiCDTcRxq0qYpQ-9Iqu0LVRXb4CLPHKQADC_g_hr-t5cYJmBmkoMKs7vCpnIDcXb_JTJDCzc45PD0d84gC3L39EZz3QEXtY1Q776i8AaKuhF75sq4K8RZhJ8tc9M7pk7LDAcUh8cwq8v9IdpvkJVKMAhKYx_lvV6CSvIcRVoHCvaaGvuVRdbXaB1m3OqAZiZ_BoQXteEcIG4qwuiNXjAQtma65tb0G_fv07BePHE-fnHPgq6lg3S144yssaGqq5P-MBAUS7uCAfsmWO_hTv9lasup2Mu-ZflCHRpxnVYybnPtVWaa08rvDlxoK6KZMo_3fSLGtb9xY7evRz0G4eMN8I7hmHbJAJmRXDqYsANFj0aWmuFQ6d8rSIygwD18r17JrsYzQaunisc92i_gMjZzfdU4821slUPJYwvuEw-H2bBwiLyhaFjBL_hEYzsuKrPFcY1NVkM8jo_DdAZvH2TQPS_SojmlnkDWDtBbvZCSPp_3ZnpT-UQ3FX5RVXXgEBS0QrNmvZ-gcNEPqKo5me0WpUjW6L2h2IwH4pTkE2nUOvmwdPG-9gS949F_gYnzdbitOZC6h98GW7jc7KbGL-2PBAuUJvTTcEq8RgZv1IlpTFt6Sorlkelr2qfZeLVauKFqbh1FFzDm4tBSmeKwzWpksaa9w7lpJuuHv4ia04Vr8JYBaWa3MDdlCQTe-rD3y60-8F6jgd-G12x3nL90Ob2ZPCwREayYbUnpVRHswc-LrYcfN4p90YRox8FkR_5yJrc2lt-bC7kp-McdIQb56FaWXVhuBVCeupsURQX1zuCZSjBz8kGxHhgPjKfaz-JsM_7BGsW_A-V4hUywjafDCxfXPnzV4FcRdncTy8WxzjbQuoh6zgdta3yU-bN6blC_ucAR5veEEjjwRwg-GVERYudJYwlQJmEQ-E0BgJvBUB7WL7S4ZUMEbWJKrT1v4Sl29odypHYLFThwm9npX_m3jYkhm5F35D_j4bx2F_V1cXLlq6s_dZ68CEbwU3k9wrIi5olGw5wGgUYv2YIh2TxwqBl9uGRM1wrQEZxmkuh0bsFi1t8NeSMQZQdZ6yrWsiywPLu48rWbLdhvjm_ZMoR95mna1lQk8zIrxUgUf7rVWBne9n6oRlstrwnWS3iI4bycBbjcYsZm0XSPMIJGR-zC8ggEfUdXAK0qfr8h7BYFXCYavgLPw7uBU0bMecqsQDMYSw66aMOWalFXhN4TS7ZUyb4lKz_5Ba1Yd8hs5E6n92fDFepxV-_VZWLfM3AJBIjwAHirPyq-V9Z_ajXwxtrkbi2pq5x6kiY4xEnwXB8g9r6kmstaDcWfHuFvkYhxR-S7Wf3SsCmgtlr_ib6igGY8cY1iMuddUJXCpy0XPFeKJPlq_jTA3XYIa1NcTuJSQ2ASzfZShyX6OIe5KBdXx6gDcy_tlXmcFIxqaQjxPRoOy3HcKkbzFs6mRZHVQ1AZhEvPYivmOS6PhrLLzlGVf4dRSjKjM8ilhtOkdJhhB5opS1eOY6t8ZRO3Tiph9zD3lVH3LfZ4rPqvG84JucPjGG0s5Hf3l_gu0HQTEOS72jFFDvWpxaffAOvk3NENLUHTuSbUowW0iDwEfdX4aCkYE3AAs8naV93T9dHUlo32onw-qH9Cc287mW1qvruTHe2FSvlDngnc1wZyS1OCazx3P8NV6b9rpHMI8lmA59WOuwI2xvdLMjY3TgzzPbUTfta4rRTUG-JLxYp8RHMPs3SXuZVYXREg8E_-ZCth27k8gfhCyVIo_3qU1ARIIhL9xdBAh6bcIIqX0MDbhfte5-n8g5UgseH0VRr_uM3GIRUXuEK4YuF_GA6pTlth5g-JVJtuqcrCLCQ9jEO1u664EAcjQyW2qJr9oRiIBM2QWipww4QHolbpx5MWT4iBWSlPDEVlCTmThI9jsaUKJS5zXNkH41qiUhIWdvHeklf56dhn4pIjsiesEjOxpGD8_kihuympGWc01ifl_vA6OcbnWAYxNIiaZQoe_NnaTN3ptTj7qZqNRldiElQapCLVDzNSkoOMcLKeM35&cid=CAQSOwBpAlJWW2VjagLIRBN4aJNw55HXc0CUywDKm2KrZ6uWIZndf_qBoYtvnJ13wGmoJMQJ2FSESoqY9isVGAE&dc_exteid=31158688434270079318330334673203248&dc_pubid=4&cbvp=2
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 09D2
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C07mR7NytZOOZGfKI9u8P7fCw2AbXuuDNcYeAi7PMEc6Focr2ARABIMCygmtglfrwgYwHoAGLseeRKcgBBqkCmehu2UZ3sj6oAwGqBJECT9B5_48Bgi0GEgJj9-e0jNiLeOWstTVJGwOoH56DjJzq37YvuYK2bwH22mUe_O3BiEkeGBCe-N8G6Xj_BRcvGw-MF1XO1kGX8WM7SerinNE5Phm8xKbTQTjl_qX0ZRBzWOrqxD7uv_lAQZ_DKPgj0AqdrL5jy4Fnq44ECuHRR97h2TxWv8UldVQwKAJD8sxHmD_Or7hgo3yXSTVStTHg3AgxQbalMKp1Rt-1DuozqUow7lbz4k0JxJMrjOwJaRKgPe4ST86hWPO6eYVqpEgZQLJoDRD0B5AFs2JmqEsIjO_ETRxWvxrlom0d3dbW4mx0O27EjmdZN_5iIHnfa-42YlUWJ-vLVA_ObAeWGXnx46CAwATI8aD6tATgBAOIBb2ShutLkgUGCAMQARgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeL6bfxA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEI3fDhjS_q7wAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYxNDU3NjA5ODQyODMxMzOACgPICwGwE-CChhTIE5yvnOMD0BMA2BMK2BQB0BUBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt6BcB&sigh=yLqz0aZVPco&uach_m=[UACH]&cid=CAQSOwBpAlJWW2VjagLIRBN4aJNw55HXc0CUywDKm2KrZ6uWIZndf_qBoYtvnJ13wGmoJMQJ2FSESoqY9isVGAE&template_id=509&vt=10&cbvp=2&vis=1
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

csi
csi.gstatic.com/ Frame C278
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ljyvzi3m&c=7596939883806&slotId=3798469941903&qqid=CNyVi4Lfh4ADFdSh_QcdgVECqQ&fb=outstream-lima&vast_v=3.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame C278
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 17:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365767
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jul 2024 17:15:18 GMT
file.mp4
r1---sn-4g5ednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720651885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C278
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720651885/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-4g5ednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720651885/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r1---sn-4g5ednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720651885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1A47E32EE2C09EDF53A23C49736E02321F89D9EB.754592A5F564A60B8E05BF64B1C683669516B57B/key/cms1/cms_redirect/yes/mh/xb/mip/2001:1b60:1010:2:1012:39f8:745c:d74/mm/42/mn/sn-4g5ednss/ms/onc/mt/1689115415/mv/u/mvi/1/pl/29/file/file.mp4
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
HTTP/1.1
Server
2a00:1450:4001:6b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 22:51:25 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2220696
Last-Modified
Fri, 07 Jul 2023 14:34:05 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Tue, 11 Jul 2023 22:51:25 GMT

Redirect headers

date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
location
https://r1---sn-4g5ednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720651885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1A47E32EE2C09EDF53A23C49736E02321F89D9EB.754592A5F564A60B8E05BF64B1C683669516B57B/key/cms1/cms_redirect/yes/mh/xb/mip/2001:1b60:1010:2:1012:39f8:745c:d74/mm/42/mn/sn-4g5ednss/ms/onc/mt/1689115415/mv/u/mvi/1/pl/29/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame AA0E
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6ENF7NytZKP5Gena7_UP2_qb8AO6iLSPXJzX7u6pCMCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMByAMCqgS1Ak_QOpaVuXTMmVLRk8Uj1amQj8BxYA5ISr40lz9xE8tNbVbAxXtY3GEOhJWQ9jsQdlHTDIbZAtzkQpPNDtoBKGt-doUSgIs90gxl-prr_UoqNECz-bkQzBpkmFwUysL2V-Q8EHFt2w9AbtizbymNNRHWCRoTRWwq4r0vFaKjck_Wv0qN3Tb-jDl1FOjVmP0tzxyy-LDuFEDpMg7Yuxu0LJ923fvOgCstFEpeAcWTITCVXdi6fza-uGyAPhAGF7LuqgDRFToTCbTIVQ0KZq9X7oPvw7yY9mDoTDGyQ0yG8tEhZcYHHONDwmsgA721Bh6SWN6GBQUs-7XtLuHTCbA8z0ahccJU8ARWsA-fkAsMnzAWFPW7rfRK5oJgqGHzB5WAxj-CseQV27kP6c2S0iAfwy3jOnUeseAEAYAGqtCz49CR94-5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNjE0NTc2MDk4NDI4MzEzM4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=s7YLfL0y5bk&uach_m=[UACH]&cid=CAQSOwBpAlJWzEugDOMrEWrLGVGBSxWVsv8mem99UQiXEZvZlPzkG2m2N8uuipFfk8zFv6DdJ2CsyY0KDNJDGAE&cbvp=2&vis=1
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

a.gif
i.w55c.net/ Frame AA0E
42 B
576 B
Image
General
Full URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=NzgwNDMyM0MxNUI2QTE1ODMzQThGODk0MTNEQTVEODV8R0ZRekJIMWJQSXwxNjg5MTE1ODg0NTAyfDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfDE4NzI2NjI2NjVfRVh8NDcwNzJ8fHx8LjBQfFVTRA&ei=GOOGLE&wp_exchange=ZK3c7AAGfKMIu-1pAAb9Wy556NWFNHvR8KXUmQ&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=nefisyemektarifleri.com&s=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941&ts=1689115884505&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-BE&rnd=8158759786028598&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VQX1MxYlV3YkhTalNYZHVXWXA2azRV&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=XuIzuX7-K-InRNw0uKBe_Q&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEP_S1bUwbHSjSXduWYp6k4U&spidu=GOOGLE&pidu=15222&hmpvu=f9fc04c2-dc68-4a61-99f9-abca77ee38c5&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.62.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-62-209.eu-west-1.compute.amazonaws.com
Software
PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-08cd5a4b21ac21a7e@eu-west-1b@dxedge-app-eu-west-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jul 2023 22:51:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-08cd5a4b21ac21a7e@eu-west-1b@dxedge-app-eu-west-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 276C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1421145234849&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 276C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1421145234849&version=m202306200101&ct=76&x=1&cor=2536823769720020000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 276C
105 KB
40 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFVGlaLxO4xAN7B3BIv78_h4ORyHSfmMNVE8a4Pt51WNanHxOJW8umlxEBjBzy3NPmCHeDjNwMo4EgpxAutha7u54hjw&cry=1&dbm_d=AKAmf-BEOICdutSJZi2ZphTXlkB28h1D3uG0drn-1OsPRGXlCH8xUlmDv1zQ83C5Ke-FqjvEuosNEnpxB1BUtRXqVq4-getwiN2lcku88vh43e5HrdmbtQPtYiL7hkkXPaLTmjlreUOtaD6fUIJIAJKFb_OJCrmiqlzB3XOBXSr9O_osjayIUvliERKAIAPEqUg3xIPZyL2lJSCsv3QtORxzkaa8Ttu1X19u-muX6bqvo2rIPAfens0I25fI6X_tu4lrKQ0LS5vePfHb5kz1cyaGA-ElXRSFUBzA-_8438nJJvqLJd5YAvi0jFseHl1mk5PNvJ2qlS5bvPyCSQlOq66Wjpa3u9P0wM20DOjmd85ftBBA4vR7DokMdLkwNUsms9FPNc5c5bFkz0QeGOZ7NdlBgQjXvkmvIu9FhhhjdbtQVNVbM-Bh4GQQArTRAmZK7rVyuMM_EMquv060qr3Zsxh1sS2vsIMm2mF_CbelKc1Zcvk0f6j5lCUoATlEtGCRIhW_Jrm9VYtIhcRwjZwDr-RF9TwF8RC7qdIsrV_BGuHcZvCZVdtoEcP9n-3Bvx_XsLk9oamVNK9N4KvtjU3hgaH5RNmSfAW_rc9vKx_y9HtX49uVYuqICCzLsYiipW6ouiu-75vhl1Q6RZgbUOpOWKjoqQ3NtZl-wCkj910yApLrHFiR0fzhRfszPX2-FojWkQqiqD7HUqjUNiyh0KO4r3bMfDvDVgUgXolKhX2Ri-PHHwhSkWcx5QZrKWNNmbpY-gWBxapK198poE2bBrF7RvpUg59rM8vuoTxOQRih0uouSJZcOevgDQKIkKSS6G2aG172XWCyGPUASJ3GyJqsZKhkJVhrawhil-wKS8e99OJczTM0rmyT4t62CBtcVHLFFA-88wiVoIwZH7TYTaiB6lC3Od2ARbC02OYh7lXflfRrS9vQxpg--VUNEyVW4foveat4UhfQ6HzkHvq8l8dqMStOq5f_Oq9ZZoUGYVa1nukkwGPSeyjwq27_lgby9oW4TzOdKRyAJA_9XOVHd4NTwUExx-S6Ja5vVf7kOrnCl51ritMbHnf4cubgeEvqhUKjMuBSHJhD3v3KTAlAiawMFEfC1QU5q9sflGyJKlwG0YBJJWod5fdHuY2_gQQ-LFr6bEl8aH05OF7HG-hIfeNmymRNVtbIz-JrCYXCx43uFbLzfOmfUCLlQ_6iKhFPEk9cvujux1wnDoAYh4HBOKsV4GgwIb0MRI5fvwTKrRmLC72XpuySzNsnt0AqfatwufmBcs_DnIS6xL6o4GvQQovAgZtHWD_bOW_mL3mYcEZ6VjHA6QAu0sgtkOGInj_NDZiDixH5lENozl_cfHfUXyT9lp4Z02lVxQdKTkyc93TlJEMvCT1IGuNsnzXYX_4-63g6eToVWABq6oKKU2YE-XGCtlMkJ-EyGq8U05jtoiWzKIjWxC6URF11cgiq4oKGBY0OAvPz4OfTIIYjkYXqiOgYRZ-12Ch530D3OmbZRBfFLMW7l7VlrRfJ9TJmdwdSoLHKPmvtY6tCDQSgyBmfLTOOtz7pZMp1fhLT3V5bx2-TGfOyOQAsAFRWGaEsV9MKdWE_fQlHCWhqBKpSoxISkac-SsVl3dxhdd8XJ72seXGqll3XUlNrx6oQ7JLbi3N1KTgDUikNuz4H4LWimTkVqwq5moSIT-rcti1CaV8s7YlRVkr-y9U1bBoTNIpiOwNEEhPhEwHc48EA0AnlGwWjVgtCYQl2Vn9SVuTP7hy4Jb5CbUb5Z6mzqnnzRU9X8mJhDQC96Q61DOFKYBoNcOh9aQQLmX3pgMwzsP7uVtgAqVJx5NBJ8okNpDNaWWGhzdfhosQQAm7GJOkbY55YLTzCb2BVTa1DI7ZO4ty0MRAGvZ86COP6qZXrgIvUt5ARRzbdeOotNrk-_Bb7tGXEmGzazfZ0q7nxYABDrYYEkdHwN5LXJUks0PwCf_kbo_FZxPIFZDtd23z7klZfA2hOyp-xI1uooAzmsdyyLjjx7-bUTsz-LXsIq-3wj-DklsgRyEyNrcusA-oypg6H_lxDBK0MM74VWAieHFt4oL7fT5OI2Ob4Z4CJpD4NZBHGvz9-BqpMAdKQMECz3ewXprFaUQC5pWQk1QUz_K2UnjCDqOuG7bZgWO-Gryi8g2SSQuZzJkuFMR7CgPYpYubrSq28p1_pEZ18mDpe_Rw87CKZGBTLCD8XKx2FKAgjy0Dfg-W_tU-42tUkcBdbwQGVVuT05aYb7gw88WrupubHkIt1_300KFOzkAO7fib0ObSJYgm-cemLjULX-RbjDlU11LP31w-OrmKSUVQ97kMfLRFarxJalzpsoHhqeq0Aqg_2BgeIcQNwTXyy6W3LLRhpAnvnbSQvQaksHSZNoKqhPaHCOrQiQ_pq9DBdiPQN2062hXRtfB2LR01-X6TIdFvFiwerzsSS0Miq_3V6uEbSdSz7-uYp3irAuMTOh2pmv0sxdT2RJCGaEXrFPONbOTVShfd9bKxQ8bXtCyva53ag_gvBXOmozJnv2QNZSxltG3mFJRwDbmWw25RQF15vNz5MiQzSl8snFH9U7Mmw_XsQnB-W1b9jf4eBpwrKBJmzg8gKiFHkIKVt9jySmEwneHjMMMLpd8P8VdKItuYQPbxMwRhqQNKNc4BWzXAutp8BDYsW_JoBi2pF0nSENTikkD7dflark-B3oL2Fffec_pAdNiTvy6M6Fm2V6srvtoHQYVu7D1E_DL5mr7aQDtOQvo8LQrDJpO5BWE15JaSBV5ZCDN6UtYH1sjJwjg1OES2lv51MhKNARcWxupKkNReAPHdv8UwSyzxPG7Ai5r5JtQnnEwFMkv4mV3SAEEYgZlEyJ78fxin4ISXDP4rx5OFC7CM85SO4Yf00iIqlJWEntgL3Sk8yEyWkLROwgGUtewctT1whYPrvWr1dhtHOWblyl9t29ppYNE5xK8Drzx99zowCXTSAcv_vVIx4u9ae3OfirGj1CqLGrwGPAx-ZTBFgvns79NcT0tzWkKOUEPZ6hqZIzlvCGS3AYjGAinVMbLBRsC2u_WIzuJWWApgK9z94nGd14K7HZBvp-KhDrV2Y-dLk3Vtzx8Mgojt8ybTWxYaC88oxueNsrZRSzlW8ZVV-ZQc6xaJpXO3eiWZeibvfzcKRHaSHstuSWpCaTkuvQYDM5vlPiBMfLcFOFrJkzV3290PmTdG5oqd9y3wJJCx4RvzO7Er9KP9pKqjQPYvwB9as1ARLa_z_K-uU1dr_4PfnPlXdNMqgfqDoJ8nywPsbOXXlP9xLSaoXw_5ocC4ecLb89RD9VvawRoVncy46k6U54M065_yQkxASZMRMyBtTx96r2DAJp5m6GGm36AuURZtbqYDWmcW08sOwD9lZysVddQ9U-tai25YOLp2iygXi4sZ4lH29fYJXnTaN6cmQEDnxCqhAiw16QXV3LZ6g9zo_TLCYJuK204BvDSDl057Knn64KFno-F5xp-TzPzdXzvL5qILGkhzZmsSbFgROhM5ztmXHD_JEAFmcmiMxCwwJD1UjZxBFN3oVhQ8fC4xdqYJqctGrFMDW2FtDAt23Szs3sGmlBOdRFU_SOLCMRYZb53w7zwy7dESTjZFAM5cauDmkt_Ndr7pcedaxkhHmDvGcxn3XkDxcJWhB_UJtLfL0sP0J_s-_1w&cid=CAQSOwBpAlJWKh_fXRSFD5g-_YJZ7oJXXOcHMpqMvAOjHg--R5qDyuKe1cNiqLHkSkgPiKHaKHXVffOVxdEyGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2536823769720020000&adk=3844175693&idt=99&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ddc6600d27eef589fc81f168ebaed0fd98c2afd3004935b3f75bb7ccd9aa688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41256
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 63EC
172 KB
60 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Origin
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jul 2023 14:24:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230710/r20110914/elements/html/ Frame 63EC
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230710/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbeE3W2OiLHGXeWMeUuo57_GWcGIs-hUmjAVJDexOahovZD_F1u8FhLN_cXX_lm4Byfur3otZsho-45xJHEzk3VAIbyytOeF9kAsKiBpqrZWQ6x08&cry=1&dbm_d=AKAmf-D6GACynMarnSPqdmyww_UtWj2FKcbLVYhEJ-wY98YT2Ha_Clrm-67dJO-xqQdgNuAh0346ZH0bwNUgOdMBMGi_ii7SXXfbj8yIvBKaBVJBuwX-87r2K4gkoa6oMLgAtoC4f0EiMPCkk-bE-a28ePjU0FBjpmlMzEUDpdwuYmQO_fmIQkJ8Um6uOFSWjGVDKVPeulMDZ-XbFpHJKOlOGogeRa1C821HDJuBYqgc1xVdUUQFuAIzCcaKJCLKcgNrVkhETWkYC_pQ8aZqG0uk_01gxefWOIOHFP2SPr4KkU38iDX5KPPibSyIu05GVOGfWzTHy83ab_r7eoEOV4mF65WnkRv4ZF2tDmJvdK0NQwfOrT-syHCHls2oe9OLvF-6EW5sLGjgZzMa_XBPK5e61hLPgQoerSu_D2ggTXiyS8TAfO2PqCEj9sgGICd40at6cJL9ahai-kTkfZpZl8wTWl7MFW0tAdzh4SDY3RmJTEHgC_u2OMvN_gW4ziejkpGE1F_oEy-vr0hkNl48_i02RQuuN3DXZTP-SVmKShPhKOsFz64eoIaoOfl3vtGk2zvFFy7qu9HpIihzdCRtOcAUa-W5xa3FPw4A3sEouslI30LHx6nGIlaHBagxcn-f0aqcySs6LYThemUi3UJyALmrOr9DCPvajEgHE8eXoSlPPV5ybPu_rrm9ssL5bet4Z_iWB8CwuTco_pGs3aOXTJCi2QdOQC8qgLGEQEiwf3wLgRI_IE77Pa4OGp5KE6zGZJ5YXkgxLKUPd79V_V2YowzYNQNHXiH64zHmlLwrtCAC2_oW3lJKVAGKew6yp6eiTBXx_ilV6blfsTZnQ1MA48Q5v-GiQOfUGVcx6kOXcxPbl-DpSYSnlbKYxxn2uBKJq6KUB9_ve51BHHgNqcw7HYboyf6aqfmnEeRqQtOCGsdkyIvVvOi1dmqCEqXOBHrgKvPMFTXeG-hkXxCBmBYW_zFE5KDGFgG-1oaustxFf0-RZCWuX17kxAWRZRTui12BfAuPGqZHyPkT2V0Gp73YMmRJx3KHrB-1PbhocWaBVVp6nV_xKih4ff7qx8-P4thrkVFFgg5L7moVVrg658fUbpyVqi11klVvv_12eJtGN7gpdTWrSmFyZP3a5O8zHbpmmJwYMI09IuyWFFiATH9R9ksLezotqgIVEVb6_V21jB2KcCgTj8o48ZLRWBGmkST0Csu7SoKq5Izm_RTsF1kqBb_pxTblnOfCn5nnMRsGhdb9dRtat0mrkgvKAbnWH4Rg-giRk0J66JgtwbQBy6xDTf8sjq-GUKoGaJl4RJU9Z7M_Mrd46DToeypAAKiCl8FJfvJhKc8yIKqUfW8mkJV-OdxQfNVae2D07lnm4MoWZH_3ESVV_QaIQDsNzFGbyEleCh_DIA50bG_bfe-AM9iyIAXgvCor0offkHY0AC8F7y7Nf-az_Ou0PSQP65Z9KihX97fp3AGo7qa36So3PjoNRHKHWyrd-1okGI4k0kRYSoyBwtLduCbmpm4sWtSl-EFm_BOmGwY4UwHiS8kazRaWEJ7GEmtroUlkzGZFX_8VmKJJCus9dMryz19o30TKIT-VyBzAk3ra5XeVEKSoyNOj5fd-LelroyGVAhd1OQhcwP7usAcG0y8DvDY_9CsH3Z1OQY8wMlF59D7XOBuFXNPd6Vh7RpfupG4flcZZnCbwt4pqqqDWbcBS8DlxCCmcBTSCjdUDw3uUPoqy_wGENfGqL0iJitF_u2Ju2tgX5sfE-LqOWRUHI6hqLFR9SSOOvfP_0fuep-nj86bfnk-IOTH9aKh3_aFpoOsnAkONslR9rHrg1G4H5XPvz-fOl6-slBAoDzxrzbrQEXWfdedFD8gI1KsBUcw_b9SRPvJrzjDvYKgjsQecCSFAdOLuL3tp_IJaTtOivmMaOxc5O1JYxTji470WTzABv6c5YpMVtGxSqi3EV7dhfmvaIhlIIc474ZgM9qba6hs8H9l8BFl6GyGoUPSnHwNdRx0Cqmq36XINQ1HPwLGquTA4SCsETHWRSafW5DmhXm569Jq3rzLuypeGt2Y8K_9YECdxn7J-2K5CFM_yNIxRRCpSWfSD6_IRZsriZbKUY2fkNpb5b797VrVcBRk6a28CBGW75J1AbJz7y5pbSqXsGzSxi9fFfyuqsJA4uPJaZiQNzhkMpiM_zIdSj_PTtz8wYCUir5kUJbpDkR-2shrn9TUDGfGPyzZT4LGTPAshdXn9HRccU_eAA6ybue8YPpEbDJjq7QdzvDx1L7AKddJWszpBUcINWxbW9WU_ETKjucEOiLNEL-4E2LjFsvw2H9wwiRPUUMWJrggFoCI5DOlyFYo67qMGVQW_uyE2J5y2rc1m0DtAp0QjM_qUn-CVLgR-o9ErgmGAZI39n3BCqyeJvT1qXsXObU9uCdrzyhhpBrZjQ7hM0swpfFR1tsXkX61bCBprqwFXoC85Ed8alBGNOfy8rFXA5ULkYVa5A_yOOarPjmdN9SbIIA303QRNR15ke9krzXa4KzXjuJTqaUUeP-REYKhnMyoTkGW4Gvt5Z2TPI29jSS4ulJbo8tZgKAbh5ZoXv2NQ18guMbznzCdIXMDhaMow2DPAJ-5aP_UzCFkfD6e38D3OveS3TYghSjJmSED9f1adcwwi2VKlL91Bx4mW-dmcQknl0t37IbYXAO_QHL1XaAPW5sH01vxw3yCPhX3IlYUIirSEMG8JlT-CCBzCM2A28vb_CpiNRFprkZsL76dLxQP307Ic2h90k4eHDDTrWhdAud4vSSFhyTdkDjAEBh9oSeeDzA2mXhtOC8Wfn4UvwHD_LYCD6tMnl1c36IbykkkHcHFxvq4qQ1ORu24eBGqTJH97hx_fXFerIb0KM8l3GYNIedqiJzlgh0YrSPm3_ExqnVhXWWbIIS064N_1BuXoWkJO2UOUv7nj06SFaW1_wOGUVL2lLbPcfaOOmDaXZI47IgJcYHxV6a3A6IC8wvcwteKsuwhzKWS6OxXbvqBe1naknF_JuBAR_vIKH-1boEIZgmU2_aC40L2PyDrfmNnG5xeB7C9EVhPtyEgayFAOS6xQK1fg5mVBvSz7Kfq5clnJDgz_HmvzAeZ4V3-XKpvJHRGAGj2rawOy-XSL3AI-VocgFEd0i80oyfgumrPT5TsTSA4-78L8rCb6KXImUFo5CcUpd3SiLlJSPOFzxGzYZ8mlGkqY-BwZik3n5HRni7rP258osQhC4xaH-aP9swqwES5kC3PZ9pEiqp-vQpQfhyt-6GZmQ4hOItvgY4EVwS6BnknELYfO35dSAuKo6pise9Dhnc6lNLSTzd8_JC_QFSgTIktXiMJBjpWvYfXXJx6qsb8x80CKE2hS9ROjVEEsPOE0Y60JCtP9XBFH7nZPMhSfw9-mA6yTnO2DwVpJQ9o1wQOJhOXgwo1yy3dD1_3Y_dPZiuzBrZuDQFaHlil5oi7Pw7UAR-s97UQQ1R1DeLpiU0i_rNOXe-3W2UXBIXQoHAY9mLfy3p-N-1rF5RjBW0jZI7RD2pyPG2P1XaH9zU9sZCKR6VlJrB4HrfaqFDZgQh-3ibmHpBlH8xVdvYgmoGr1JBT_m6nqhXyEV-7qLoW6xveyGY0j2084I3vbHG0&cid=CAQSOwBpAlJWGRlRduoLJVDvI4dLCYM0Y0A0xIwDcjzBBK2YD1ZZ6FAmZwORfTb9VycXaVd73wiB1VrZvVq0GAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=1892159041868644400&adk=3563752640&idt=94&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
10322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230710/r20110914/ Frame 63EC
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230710/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbeE3W2OiLHGXeWMeUuo57_GWcGIs-hUmjAVJDexOahovZD_F1u8FhLN_cXX_lm4Byfur3otZsho-45xJHEzk3VAIbyytOeF9kAsKiBpqrZWQ6x08&cry=1&dbm_d=AKAmf-D6GACynMarnSPqdmyww_UtWj2FKcbLVYhEJ-wY98YT2Ha_Clrm-67dJO-xqQdgNuAh0346ZH0bwNUgOdMBMGi_ii7SXXfbj8yIvBKaBVJBuwX-87r2K4gkoa6oMLgAtoC4f0EiMPCkk-bE-a28ePjU0FBjpmlMzEUDpdwuYmQO_fmIQkJ8Um6uOFSWjGVDKVPeulMDZ-XbFpHJKOlOGogeRa1C821HDJuBYqgc1xVdUUQFuAIzCcaKJCLKcgNrVkhETWkYC_pQ8aZqG0uk_01gxefWOIOHFP2SPr4KkU38iDX5KPPibSyIu05GVOGfWzTHy83ab_r7eoEOV4mF65WnkRv4ZF2tDmJvdK0NQwfOrT-syHCHls2oe9OLvF-6EW5sLGjgZzMa_XBPK5e61hLPgQoerSu_D2ggTXiyS8TAfO2PqCEj9sgGICd40at6cJL9ahai-kTkfZpZl8wTWl7MFW0tAdzh4SDY3RmJTEHgC_u2OMvN_gW4ziejkpGE1F_oEy-vr0hkNl48_i02RQuuN3DXZTP-SVmKShPhKOsFz64eoIaoOfl3vtGk2zvFFy7qu9HpIihzdCRtOcAUa-W5xa3FPw4A3sEouslI30LHx6nGIlaHBagxcn-f0aqcySs6LYThemUi3UJyALmrOr9DCPvajEgHE8eXoSlPPV5ybPu_rrm9ssL5bet4Z_iWB8CwuTco_pGs3aOXTJCi2QdOQC8qgLGEQEiwf3wLgRI_IE77Pa4OGp5KE6zGZJ5YXkgxLKUPd79V_V2YowzYNQNHXiH64zHmlLwrtCAC2_oW3lJKVAGKew6yp6eiTBXx_ilV6blfsTZnQ1MA48Q5v-GiQOfUGVcx6kOXcxPbl-DpSYSnlbKYxxn2uBKJq6KUB9_ve51BHHgNqcw7HYboyf6aqfmnEeRqQtOCGsdkyIvVvOi1dmqCEqXOBHrgKvPMFTXeG-hkXxCBmBYW_zFE5KDGFgG-1oaustxFf0-RZCWuX17kxAWRZRTui12BfAuPGqZHyPkT2V0Gp73YMmRJx3KHrB-1PbhocWaBVVp6nV_xKih4ff7qx8-P4thrkVFFgg5L7moVVrg658fUbpyVqi11klVvv_12eJtGN7gpdTWrSmFyZP3a5O8zHbpmmJwYMI09IuyWFFiATH9R9ksLezotqgIVEVb6_V21jB2KcCgTj8o48ZLRWBGmkST0Csu7SoKq5Izm_RTsF1kqBb_pxTblnOfCn5nnMRsGhdb9dRtat0mrkgvKAbnWH4Rg-giRk0J66JgtwbQBy6xDTf8sjq-GUKoGaJl4RJU9Z7M_Mrd46DToeypAAKiCl8FJfvJhKc8yIKqUfW8mkJV-OdxQfNVae2D07lnm4MoWZH_3ESVV_QaIQDsNzFGbyEleCh_DIA50bG_bfe-AM9iyIAXgvCor0offkHY0AC8F7y7Nf-az_Ou0PSQP65Z9KihX97fp3AGo7qa36So3PjoNRHKHWyrd-1okGI4k0kRYSoyBwtLduCbmpm4sWtSl-EFm_BOmGwY4UwHiS8kazRaWEJ7GEmtroUlkzGZFX_8VmKJJCus9dMryz19o30TKIT-VyBzAk3ra5XeVEKSoyNOj5fd-LelroyGVAhd1OQhcwP7usAcG0y8DvDY_9CsH3Z1OQY8wMlF59D7XOBuFXNPd6Vh7RpfupG4flcZZnCbwt4pqqqDWbcBS8DlxCCmcBTSCjdUDw3uUPoqy_wGENfGqL0iJitF_u2Ju2tgX5sfE-LqOWRUHI6hqLFR9SSOOvfP_0fuep-nj86bfnk-IOTH9aKh3_aFpoOsnAkONslR9rHrg1G4H5XPvz-fOl6-slBAoDzxrzbrQEXWfdedFD8gI1KsBUcw_b9SRPvJrzjDvYKgjsQecCSFAdOLuL3tp_IJaTtOivmMaOxc5O1JYxTji470WTzABv6c5YpMVtGxSqi3EV7dhfmvaIhlIIc474ZgM9qba6hs8H9l8BFl6GyGoUPSnHwNdRx0Cqmq36XINQ1HPwLGquTA4SCsETHWRSafW5DmhXm569Jq3rzLuypeGt2Y8K_9YECdxn7J-2K5CFM_yNIxRRCpSWfSD6_IRZsriZbKUY2fkNpb5b797VrVcBRk6a28CBGW75J1AbJz7y5pbSqXsGzSxi9fFfyuqsJA4uPJaZiQNzhkMpiM_zIdSj_PTtz8wYCUir5kUJbpDkR-2shrn9TUDGfGPyzZT4LGTPAshdXn9HRccU_eAA6ybue8YPpEbDJjq7QdzvDx1L7AKddJWszpBUcINWxbW9WU_ETKjucEOiLNEL-4E2LjFsvw2H9wwiRPUUMWJrggFoCI5DOlyFYo67qMGVQW_uyE2J5y2rc1m0DtAp0QjM_qUn-CVLgR-o9ErgmGAZI39n3BCqyeJvT1qXsXObU9uCdrzyhhpBrZjQ7hM0swpfFR1tsXkX61bCBprqwFXoC85Ed8alBGNOfy8rFXA5ULkYVa5A_yOOarPjmdN9SbIIA303QRNR15ke9krzXa4KzXjuJTqaUUeP-REYKhnMyoTkGW4Gvt5Z2TPI29jSS4ulJbo8tZgKAbh5ZoXv2NQ18guMbznzCdIXMDhaMow2DPAJ-5aP_UzCFkfD6e38D3OveS3TYghSjJmSED9f1adcwwi2VKlL91Bx4mW-dmcQknl0t37IbYXAO_QHL1XaAPW5sH01vxw3yCPhX3IlYUIirSEMG8JlT-CCBzCM2A28vb_CpiNRFprkZsL76dLxQP307Ic2h90k4eHDDTrWhdAud4vSSFhyTdkDjAEBh9oSeeDzA2mXhtOC8Wfn4UvwHD_LYCD6tMnl1c36IbykkkHcHFxvq4qQ1ORu24eBGqTJH97hx_fXFerIb0KM8l3GYNIedqiJzlgh0YrSPm3_ExqnVhXWWbIIS064N_1BuXoWkJO2UOUv7nj06SFaW1_wOGUVL2lLbPcfaOOmDaXZI47IgJcYHxV6a3A6IC8wvcwteKsuwhzKWS6OxXbvqBe1naknF_JuBAR_vIKH-1boEIZgmU2_aC40L2PyDrfmNnG5xeB7C9EVhPtyEgayFAOS6xQK1fg5mVBvSz7Kfq5clnJDgz_HmvzAeZ4V3-XKpvJHRGAGj2rawOy-XSL3AI-VocgFEd0i80oyfgumrPT5TsTSA4-78L8rCb6KXImUFo5CcUpd3SiLlJSPOFzxGzYZ8mlGkqY-BwZik3n5HRni7rP258osQhC4xaH-aP9swqwES5kC3PZ9pEiqp-vQpQfhyt-6GZmQ4hOItvgY4EVwS6BnknELYfO35dSAuKo6pise9Dhnc6lNLSTzd8_JC_QFSgTIktXiMJBjpWvYfXXJx6qsb8x80CKE2hS9ROjVEEsPOE0Y60JCtP9XBFH7nZPMhSfw9-mA6yTnO2DwVpJQ9o1wQOJhOXgwo1yy3dD1_3Y_dPZiuzBrZuDQFaHlil5oi7Pw7UAR-s97UQQ1R1DeLpiU0i_rNOXe-3W2UXBIXQoHAY9mLfy3p-N-1rF5RjBW0jZI7RD2pyPG2P1XaH9zU9sZCKR6VlJrB4HrfaqFDZgQh-3ibmHpBlH8xVdvYgmoGr1JBT_m6nqhXyEV-7qLoW6xveyGY0j2084I3vbHG0&cid=CAQSOwBpAlJWGRlRduoLJVDvI4dLCYM0Y0A0xIwDcjzBBK2YD1ZZ6FAmZwORfTb9VycXaVd73wiB1VrZvVq0GAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=1892159041868644400&adk=3563752640&idt=94&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 20:05:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
9936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 20:05:49 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 63EC
41 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
32330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 13:52:35 GMT
i.match
s.tribalfusion.com/z/ Frame 179B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECxj97dEpEbQOtd_-hVjwt8&google_cver=1&google_push=AaAOQGFuV8TDkZnJrLba8xEqkhT6Rbxp09FV1BdLv4O8V2wOGk7rC4uth-jP-dtq5QbzlqKUIl34XhaGYgJsUFbI45e9WI2owuHJT...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECxj97dEpEbQOtd_-hVjwt8&google_cver=1&google_push=AaAOQGFuV8TDkZnJrLba8xEqkhT6Rbxp09FV1BdLv4O8V2wOGk7rC4uth-jP-dtq5QbzlqKUIl34XhaGYgJsUFbI45e9WI2owuH...
43 B
414 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECxj97dEpEbQOtd_-hVjwt8&google_cver=1&google_push=AaAOQGFuV8TDkZnJrLba8xEqkhT6Rbxp09FV1BdLv4O8V2wOGk7rC4uth-jP-dtq5QbzlqKUIl34XhaGYgJsUFbI45e9WI2owuHJTw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFuV8TDkZnJrLba8xEqkhT6Rbxp09FV1BdLv4O8V2wOGk7rC4uth-jP-dtq5QbzlqKUIl34XhaGYgJsUFbI45e9WI2owuHJTw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e549c6c4fdf1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
351
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECxj97dEpEbQOtd_-hVjwt8&google_cver=1&google_push=AaAOQGFuV8TDkZnJrLba8xEqkhT6Rbxp09FV1BdLv4O8V2wOGk7rC4uth-jP-dtq5QbzlqKUIl34XhaGYgJsUFbI45e9WI2owuHJTw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFuV8TDkZnJrLba8xEqkhT6Rbxp09FV1BdLv4O8V2wOGk7rC4uth-jP-dtq5QbzlqKUIl34XhaGYgJsUFbI45e9WI2owuHJTw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e549c6a9dda1903-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 179B
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECJsILMId5rW8dsgw4L83jg&google_cver=1&google_push=AaAOQGEqMUY4VR3S_EKQSdzEefO7EGBmfk7Q4UrzzbM5FYaKX1nuq60oc4BxjAlfFsDM9-ABQ-1bnXTq1XR...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEqMUY4VR3S_EKQSdzEefO7EGBmfk7Q4UrzzbM5FYaKX1nuq60oc4BxjAlfFsDM9-ABQ-1bnXTq1XRXmyULoKgZL29ZFcvhSg&google_hm=4QgSJvLfQA6xgyGMiO...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEqMUY4VR3S_EKQSdzEefO7EGBmfk7Q4UrzzbM5FYaKX1nuq60oc4BxjAlfFsDM9-ABQ-1bnXTq1XRXmyULoKgZL29ZFcvhSg&google_hm=4QgSJvLfQA6xgyGMiOtDcbc
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:24 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEqMUY4VR3S_EKQSdzEefO7EGBmfk7Q4UrzzbM5FYaKX1nuq60oc4BxjAlfFsDM9-ABQ-1bnXTq1XRXmyULoKgZL29ZFcvhSg&google_hm=4QgSJvLfQA6xgyGMiOtDcbc
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 179B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMezLPIF41N67ll2BMddKS4&google_cver=1&google_push=AaAOQGGKxUXUqc7gr9QzAVY0NtWhw5wegTMUCb2Hq-7AuMUb3H4F9EXNZFcUMK1qZSyiuU14DnUJ5QOYrzggmD...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NDY5NzQ4NTIzMjg5NjE1MQ%3D%3D&google_push=AaAOQGGKxUXUqc7gr9QzAVY0NtWhw5wegTMUCb2Hq-7AuMUb3H4F9EXNZFcUMK1qZSyiuU14DnUJ5QOYrzggmDMWR_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NDY5NzQ4NTIzMjg5NjE1MQ%3D%3D&google_push=AaAOQGGKxUXUqc7gr9QzAVY0NtWhw5wegTMUCb2Hq-7AuMUb3H4F9EXNZFcUMK1qZSyiuU14DnUJ5QOYrzggmDMWR_JxgsanMGU8Xw
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NDY5NzQ4NTIzMjg5NjE1MQ%3D%3D&google_push=AaAOQGGKxUXUqc7gr9QzAVY0NtWhw5wegTMUCb2Hq-7AuMUb3H4F9EXNZFcUMK1qZSyiuU14DnUJ5QOYrzggmDMWR_JxgsanMGU8Xw
Date
Tue, 11 Jul 2023 22:51:25 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 179B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GaKNndidRR-jveUq6OgFrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GaKNndidRR-jveUq6OgFrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHaHq6xZmvN-SNBkwP2SKKF5Qxke8dn8bMtZ1To2QQJ-A5sQwsYHCHiQrBLV2R_eBDx7qWpFQ6J4S0MccySlM0Z19YDmIwJ
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GaKNndidRR-jveUq6OgFrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHaHq6xZmvN-SNBkwP2SKKF5Qxke8dn8bMtZ1To2QQJ-A5sQwsYHCHiQrBLV2R_eBDx7qWpFQ6J4S0MccySlM0Z19YDmIwJ
date
Tue, 11 Jul 2023 22:51:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 179B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGoBeAkuCV-8nkdNvGGjDt8&google_cver=1&google_push=AaAOQGEm_ezOVfQjQGyFYBIXoDHjMiii0F77dAJOqKFO1v5T7HXIQoDDr8G-JX__Ssc5w50cFF8BvjKvp2NR...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEm_ezOVfQjQGyFYBIXoDHjMiii0F77dAJOqKFO1v5T7HXIQoDDr8G-JX__Ssc5w50cFF8BvjKvp2NRlGXi0exYKd40xqQkgg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEm_ezOVfQjQGyFYBIXoDHjMiii0F77dAJOqKFO1v5T7HXIQoDDr8G-JX__Ssc5w50cFF8BvjKvp2NRlGXi0exYKd40xqQkgg
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEm_ezOVfQjQGyFYBIXoDHjMiii0F77dAJOqKFO1v5T7HXIQoDDr8G-JX__Ssc5w50cFF8BvjKvp2NRlGXi0exYKd40xqQkgg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 179B
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEBmIT6GWn9D83sZQtSa_KwM&google_cver=1&google_push=AaAOQGG3P15tewfWiyYDW5nnztivslyKwI8X1JpyJD3Drt762EkZp6XMXGAiJQSRYcOx41JRkWNfcevBqX91_Q63EQ-dcG...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBmIT6GWn9D83sZQtSa_KwM&google_cver=1&google_push=AaAOQGG3P15tewfWiyYDW5nnztivslyKwI8X1JpyJD3Drt762EkZp6XMXGAiJQSRYcOx41JRkWNfcevBqX91_Q63...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dGMJ18AAQxumdCjJzDMIpQ&google_push=AaAOQGG3P15tewfWiyYDW5nnztivslyKwI8X1JpyJD3Drt762EkZp6XMXGAiJQSRYcOx41JRkWNfcevBqX91_Q6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dGMJ18AAQxumdCjJzDMIpQ&google_push=AaAOQGG3P15tewfWiyYDW5nnztivslyKwI8X1JpyJD3Drt762EkZp6XMXGAiJQSRYcOx41JRkWNfcevBqX91_Q63EQ-dcG-z1peFog
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dGMJ18AAQxumdCjJzDMIpQ&google_push=AaAOQGG3P15tewfWiyYDW5nnztivslyKwI8X1JpyJD3Drt762EkZp6XMXGAiJQSRYcOx41JRkWNfcevBqX91_Q63EQ-dcG-z1peFog
access-control-allow-origin
*
date
Tue, 11 Jul 2023 22:51:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 179B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGF-14aP1L_FDcTHj5dy11VoPduARQuhVDVp9wAH3CFdW1IQyBCnTOOGX6xigRfA_Gjv3x2ol_mjMmun0DssZoWsiI48tCCO&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-d31a465d-2612-4819-880a-62be39e763be-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGF-14aP1L_FDcTHj5dy1...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGF-14aP1L_FDcTHj5dy11VoPduARQuhVDVp9wAH3CFdW1IQyBCnTOOGX6xigRfA_Gjv3x2ol_mjMmun0DssZoWsiI48tCCO&google_hm=A9MaRl0mEkgZiApivjnnY74
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGF-14aP1L_FDcTHj5dy11VoPduARQuhVDVp9wAH3CFdW1IQyBCnTOOGX6xigRfA_Gjv3x2ol_mjMmun0DssZoWsiI48tCCO&google_hm=A9MaRl0mEkgZiApivjnnY74
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGF-14aP1L_FDcTHj5dy11VoPduARQuhVDVp9wAH3CFdW1IQyBCnTOOGX6xigRfA_Gjv3x2ol_mjMmun0DssZoWsiI48tCCO&google_hm=A9MaRl0mEkgZiApivjnnY74
date
Tue, 11 Jul 2023 22:51:25 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd31a465d26124819880a62be39e763be003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 179B
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMhIc1YpextWDUgg4uNmjWyPwn1yen33nfkQvEI8dN61MdKrxJYG4i8ctt-YZ-qRZLKYXs
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
s
googleads.g.doubleclick.net/pagead/drt/ Frame EA60
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:11:46 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DEBC
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Wed, 12 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D5D0
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53ee5ad93dc23224b5d9ec613e93e7e006bdbea82e880c02be4e948a297edb57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B3EF
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Wed, 12 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 63EC
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ad5747edeb5f3e7d0a61b217844a817c7c1d48f0fecdec3d20580230f40c339

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
ad
googleads.g.doubleclick.net/dbm/ Frame D5D0
42 B
63 B
Image
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AK8lJs0cTCr7k7fuDIGAL1TlXTTNxRQlhik3D3EpkmILgLXf_QnlkDHX0SSswfDnkW5W8GjQS3op7M3_6T63w40Qp-kNHQgJwBktq5-2Sc-dYru8FZyMpSbJWF1ssrIP3xHqd_XeQbNnLPcZ-uEZXKMreaFg&dbm_d=AKAmf-Bqm49ytVgPqbmMDe0W5zS1pdJvRnayTfOBK5abOd3U_YNdrVECHj6Pto3B1Vj63DbiZKrUfH0C6l82LXlj0jHs6sB1jMCjDwGPuyAIRLzl8bPbqPEA1a0nqR6COFSDXGnoYhXI_PJAqQ9bj_GaAWI4W5ZZ_cwct0tlm4qCANRT4RtuZ_I_OgMgDlzD9xbrBisY4hxgYpT48cF0w4ynzaZy_6Q4lHQv7hJQrJDRZohPfSXk4nJXNH--pBXwHW3-lwv4mG4eZPbMaNVrdYuRVPq_AzQlBuukQhky4MTY_1VrDumjpsQOfVEaU0F44qDYnhnFb-h0BDK7E9zt40r8BlUkhklqNLllu75YrHykWoZYxD68uLxGJUNE0QWorv8e-guq0-iUSD4SksjWpVsjR7C_dZM4l3T0ZGtDZKUr4CNJLL5puZWxKEKN7gLZPDtZvf4LxA_wE1rwL7dy-G_cQUQQarZ0k0zk52cuXepMjVlaVXhyTk2flA_5NPWJtIUEebPeJEqGDyU4mYTWwhASOX03tZrOcuEHv-x2LDHODdWLD2Bq2jLXtOLxLfTF583gwnInEHuJgqKpxF49Wp1vjHYmFMYWi4Ro1nkW5P2Py3sH4WYEaLHn1YAKvouoes7yJfQW8h1FeawzG0vBsZXULovi7GDCFlXxnri8MyieXmfIXNksmaTLAINls-RiMyYxaiM3R9M0MUQLLnXd5CTwwP4Ang5-00hCV_YBOM8_MESn0vuZ8E8hH1ZrtASiP6afOYw6T1gLlaxndMEDk1i5RGEkUG5f3bd3ONImjMGoLZ73ByO_inZE6MBc1p9-VKwP3Quntg5eq3RzDjpwNAQ_XoMcy8aUK9Uj5CwXQlb3eHCrOSTpPUUvambyARFsK5bsI3IT5komkQT3uIV7zmp53fJiZt63QSHLJf9mEu8W0JojgbD6MLexCOr9Fyu4AfB7FDWGj1M2cJFGocIKUqEAUTHbz0UZg_9wPRi7tgYQBCW-oYGS7CNVheYrZ87t8njYyL7DOPychRlg0L7a5lkhWG6Lvq6gVeaEDwn67ixDowfUjoSUI8U6L_uKMv7Dv4gFXaLkfGetKCajIRKdtvGwyh6-d0lswTYUoTkjoKG69uPrqKyaguU8stiacI_Zk_XB1yQmJbQXqbYJjoWxq9HJjm7Hj7NcHEz0CYGxUpF2g1NScVmafKnN4f5K1sCtP7gcFyVAdsfvhof6vA7in6hdpx5eJZQEbnKibWwsjZrBf4Zyc4zK5BxYtgleU3_4enTWn9QVjWuerYoBKmDHjy5t_Bb9r7P7MaPenNA5XNs27ZTnbs0BqMDHJHGFrWrCBGvu59KupSFHD5NQITZrWAc40r2brFYK8Uvk138xVKdIr08pXJfOosZ931FckY4YooaZc92eRfFW-EhXCo5ZDdopWJ0q52mrm5Y_c-qi7fxS6Z5LkP_uLhvpgHHY_wZlNOokV6cMCQMgV0yz_sagKQ86HUEbWzPHLgB49zyODVcgHtcZGOyjgxZcVKDoBQ3yiq5eLRWHm0VfAie2Jd6khkGlaQKKrcbaDDlsZG9fIJ4FVJuFY5ockGqCSz-oNMZ4JryrSIBZ3BH83cbOINMSQ0VLPUoemkyyQ-UMjek0zOpK-fYlE_CbxhzNg8k5Mx-h1GQNNWn1GLm1PMqXyZCYkrVgBKC-g8dk8tYEyEaJoVmhxKGynB1mNsXGtMzv2kH9RUeZWhSUAft4Dkp98YBRjK2YRNEP-WHslD4cd8n6FlXG_1D1M9EaW59oUMAInzW2YgKDf2mWKeRSc2SEPQ0wKZiXeGTtuTHz3Ql7xCjka5r5NfJl172AMIFyCwRHvgDVetpn7ZnLKds5qSJHK1wWhWcUJk4uFd-tL0bdjtY22dheAPPrxbEYcXKIRHxKUUZVaDxNXHF9s4OSH_2JnlrOHIJivXD5ZqL80W8iN51RSZOSI2ZuNZ3TgJkcFAvS6cpG5-3zPcvynUnir26LpkNIqFFVMh9L_3oLP9nC2bDv2J4wKbQSohiJwul4uX5dUKASxZUHjdPozYKagZ0aF4Tibg6uRo1UMOEOFVwjMGRrLNu6OhX6aRZRz0-IXTStNDXYeb-dyUVu4MWr3TYc2tC-Qh3WpTQ-8jriMGCzJ7Cai92DAznA1ZVZlRAPe78dJCG_II7H7Ny-7UzLlxUjV7Z5ZQKDlMv5jA74uT4Tvg25HN09T5berboMgdPj4xmXjmhIOHS8F0QNDG-Ob5E1ldF6PhzL32_Jopdx5HGwKqKqKBx4UO5gGFdzi7I2zutRNPOaV-YxR0kH8XerufZwABl1TTcXC8aFS6zUL9VfB6S1YWKu-O8tRKR0DMHbHCMbk1VjBvId9tKFsyCo1D1SNUsese1o3EUqh-kUKXptSmgl5Q98--u0EMT3b6-uKG73cHWigSUcd597PCkBys-DFrwTHNxmDx1Pvrq3l4RkzjBRXtBwW5BEmN5Pd0hniy7bwER9gqbeJg3ZChJCQbh8Gg5Yi-lAsCV5tvf_Z1t5DKTWFzT2VIusxlapOQ5GbuL2WavHAGiMyBuCvyBFz_TcLoal8RF1sclJz16kxZKxmYQMdJGeJRZt4nDhXn71rZ_yleM2mVeg1U3lLKD376YS5zthyOF5OEkNWocKQ8q9fHwgHJVnkrhjUUoHMV83h8VbXQtSeddo3-IxIQmg7Zekn_aferzUByRS3dzrRFSEzL8UTqaZmsKS4fbVv2w5cRLIvidCXuEa10tbUFGXyT1FOgDYjmz1E9Lb_tEv3L75Q8p9Aq8HmRU32SB6COXptzCgaYfKzaPwiMs_nyqXIBmBqqoT8LELRrG04r3murJ0Po5Q8COdTDQ7hQGphE7aDd6rOA1AWYxmrSieLisFcjKGIBvHrkL4xvgIFQnkyM8b8HGGEK8KlZ-xdBLUvgcHve-BRMCk2PthoVhmECuvMwvQpMOyc-0JPdnHZZOBcAD_5QSxAdGtj1_niNanymtuvr3ylid22O48wdts5t5GRUF1Jh6DlAAKBD1Tl3EPniJRnsljl6ChZQ2TX7Il7RnnPRZvvPD0_qbNoHss_CiFHk-e58VvNRCQJbNAmuPCnEX54p2Xo3OX55bkLlExTqeI00QlLWvIVSXRpcdbxgPMLBlwapHYtg4sKg8fEEuJmBMpgipSrSYpOZzo-Kyg7m1W5w5hsHTQ42tHvyrWamuZGlTwYwtpi560ykC6vZlka4TMmeTdhQ_qeHQA4iqKEO_vqSfcivGDyYCykxrbt36xGRhXeLxXtKMmOxjQEjoiAFn9G1LHhCCD8nT8Q7Z3gVOuxolxxb6vuW1K5t6dk9O4PInzaQzv8yWEfx5KdAz1ihi7n8k7AdRghZkcBCLWxCKhOQX3vpCLRMQVBP8w3Kww3WkP7-ffzNG-ZIvktBCyW1CcpXKxRJ3FtPyafutwAzaScQ5SRO6lh-eZECzhOlW1y7JQi1o9xTvqd7Iyf9TxDhQGmyhx4E-9s1l8l8FKGGFPnRCEA1NMLK8Y7GFXVpb_LqXFROsc-NSph6LSBzCI_Xdx16Q6H-famfkjXPd8z1TorWvv3gPjGCgSzL9OVR2VgxesCkMeCeGJqXzOlevULZvCtboddBmz7rVsTebDj4RmlYtXKQOc16w7nZLG1qAgswX7q9UC_7gag3baYm0fgA&cid=CAQSOwBpAlJWJccOMhb8z1WCHWysJBzttrarw2mLBFUfKvQrTyUKLhAViRZcQewE2bKPU3ggoxuAjBVFTnCRGAE&dc_exteid=31158688436005216959394372737258285&dc_pubid=4&cbvp=2
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D5D0
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbBlJ7NytZLaeGr2n9u8PzvSOkAXXuuDNcYeAi7PMEc6Focr2ARABIMCygmtglfrwgYwHoAGLseeRKcgBBqkCmehu2UZ3sj6oAwGqBIgCT9AORwv_afw3saTQrovr3eWUFwR2GucfwJrwdFj7LuQdsZkDteGNPB_N17WQnnwoZ6wQpiH-Bo2DAVJQ5mbrCNRvQbneSGJyV22i9wsjtB12-Lpk7LFmm2F0NEdL7dWX42z0TGkjbUPBYdPepGQ3Jp3fS_D3kg4bt0nd-u35Wd9Uu5AXlavdq_C0Yw9X049UFhIa2z9Rg8H8lUz_ZkzuCxf7yh-3yAoSr8agpn5TKwWKmQwM6_ffefZWuZ4ai9dFf6X6RO_v3xlSZ27DjY4pQYDrJGfYGJsL_SGXtFg5A1HpAhY18ymA0lw1UNBaQLFKoorr7Z82GIdaYJDtUx8bUTFxwO1KIr-dwATI8aD6tATgBAOIBb2ShutLkgUGCAMQARgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeL6bfxA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEJbXFRjS_q7wAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTYxNDU3NjA5ODQyODMxMzOACgPICwGwE-CChhTIE5yvnOMD0BMA2BMK2BQB0BUBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt6BcB&sigh=_JXeLh4GK9Y&uach_m=[UACH]&cid=CAQSOwBpAlJWJccOMhb8z1WCHWysJBzttrarw2mLBFUfKvQrTyUKLhAViRZcQewE2bKPU3ggoxuAjBVFTnCRGAE&template_id=509&vt=10&cbvp=2&vis=1
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

bridge3.580.0_en.html
imasdk.googleapis.com/js/core/ Frame F7FC
713 KB
228 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.580.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79c277fbe5ccce5c88a681d39733fba8d6c31f1812f8952ec3a5e35b2b0beab4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
344171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
233312
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jul 2023 23:15:14 GMT
expires
Sat, 06 Jul 2024 23:15:14 GMT
last-modified
Fri, 07 Jul 2023 23:05:23 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 82A3
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 22:51:25 GMT
10710800
panel.izlesene.com/api/player/npm_nefisyemektarifleri/ Frame 82A3
1 KB
1 KB
XHR
General
Full URL
https://panel.izlesene.com/api/player/npm_nefisyemektarifleri/10710800
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.7.176.4 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
nginx/1.4.4 /
Resource Hash
b3944f49dff08c01aaa04c97cecc55aafe381b05c7af1a8728725458e066c46f

Request headers

Referer
https://www.nefisyemektarifleri.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 11 Jul 2023 22:51:25 GMT
Content-Encoding
gzip
Server
nginx/1.4.4
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2ADD
39 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 11 Jul 2023 23:44:12 GMT
nyt-logo-duo-200.png
mn.nytcdn.com/wp-content/assets/img/ Frame 82A3
3 KB
4 KB
Image
General
Full URL
https://mn.nytcdn.com/wp-content/assets/img/nyt-logo-duo-200.png
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3002e63c4d3d76bb53d4618f047d2c0a50b692602ea8d6f19ef19bd1dfade34
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3269
x-xss-protection
1; mode=block
last-modified
Thu, 24 Mar 2022 06:41:37 GMT
server
cloudflare
etag
"623c12a1-cc5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8waHEinWwLMYX12WdyJYR9rf9nV6MKLPvGMeUMi5LOmOlc%2BEWPZMS7oD78WMs2PnCU%2BxoW1F3lUKsSbWcTm8%2B3zL3jxwMhF76APe%2FgkVmz6XvBswfcb86VP%2Flg6a3wmZZ3%2F77WMEJOwRkQdg"}],"group":"cf-nel","max_age":604800}
x-varnish
806639393 797977566
content-type
image/png
access-control-allow-origin
*
x-abc
local
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e549c6aa8fa90d6-FRA
x-nyt-cache
hit cached
dpixel
cms.quantserve.com/ Frame BFAB
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPeUx0jQJ-0-i6un55oahIU&google_cver=1&google_push=AaAOQGFvyuKXybLvaW381GPmHpjAkPMKplSnl2n56xaaF5rpUZ1UUElGAwD86HbSu7ZyS5jes0RSL9hsDlSSEEZrFcHw1rqP6thAmA
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame BFAB
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENq0E6ZTNyMf8CcDGzF9Z20&google_cver=1&google_push=AaAOQGGWOs6zze_rTObWH9thpSRamw4xTx8tGkePHzvHJI_AK_IcU8NpgImLSBc1hCbFPTBLTdmtMbWPF2R3Vi8mM8NFL0S7N0wyW...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENq0E6ZTNyMf8CcDGzF9Z20&google_cver=1&google_push=AaAOQGGWOs6zze_rTObWH9thpSRamw4xTx8tGkePHzvHJI_AK_IcU8NpgImLSBc1hCbFPTBLTdmtMbWPF2R3Vi8mM8NFL0S7N0w...
43 B
410 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENq0E6ZTNyMf8CcDGzF9Z20&google_cver=1&google_push=AaAOQGGWOs6zze_rTObWH9thpSRamw4xTx8tGkePHzvHJI_AK_IcU8NpgImLSBc1hCbFPTBLTdmtMbWPF2R3Vi8mM8NFL0S7N0wyWA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGWOs6zze_rTObWH9thpSRamw4xTx8tGkePHzvHJI_AK_IcU8NpgImLSBc1hCbFPTBLTdmtMbWPF2R3Vi8mM8NFL0S7N0wyWA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e549c6c5feb1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
935
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENq0E6ZTNyMf8CcDGzF9Z20&google_cver=1&google_push=AaAOQGGWOs6zze_rTObWH9thpSRamw4xTx8tGkePHzvHJI_AK_IcU8NpgImLSBc1hCbFPTBLTdmtMbWPF2R3Vi8mM8NFL0S7N0wyWA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGWOs6zze_rTObWH9thpSRamw4xTx8tGkePHzvHJI_AK_IcU8NpgImLSBc1hCbFPTBLTdmtMbWPF2R3Vi8mM8NFL0S7N0wyWA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e549c6abdfb1903-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFAB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFeC7lRQDk8aakQfh9C8WmE&google_cver=1&google_push=AaAOQGF8VJty8-BksnGJ4uSzW-FA_IQpV8e5Ojujlz-FrS4o9AyryliNGV7KSglq8behX7P8PjeeLv5F...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFeC7lRQDk8aakQfh9C8WmE&google_cver=1&google_push=AaAOQGF8VJty8-BksnGJ4uSzW-FA_IQpV8e5Ojujlz-FrS4o9AyryliNGV7KSglq8behX7P8Pje...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE5MzU5MTgyMjAxNjMzMjk1Nw&google_push=AaAOQGF8VJty8-BksnGJ4uSzW-FA_IQpV8e5Ojujlz-FrS4o9AyryliNGV7KSglq8behX7P8PjeeLv...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE5MzU5MTgyMjAxNjMzMjk1Nw&google_push=AaAOQGF8VJty8-BksnGJ4uSzW-FA_IQpV8e5Ojujlz-FrS4o9AyryliNGV7KSglq8behX7P8PjeeLv5FBXqHNmiDSmDP6wd8UdP77A
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTE5MzU5MTgyMjAxNjMzMjk1Nw&google_push=AaAOQGF8VJty8-BksnGJ4uSzW-FA_IQpV8e5Ojujlz-FrS4o9AyryliNGV7KSglq8behX7P8PjeeLv5FBXqHNmiDSmDP6wd8UdP77A
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame BFAB
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R7dUWa-fRMqnnl7sVCyzPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R7dUWa-fRMqnnl7sVCyzPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHOKE-GH0gYhMra6M3ioGsIVYB3oykqRjTVnDho8CenO41d46S4Mli9iT4zFRRqZLlIbjJWDFlAVYEed9Ck1wUzvxN6QjfL
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R7dUWa-fRMqnnl7sVCyzPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHOKE-GH0gYhMra6M3ioGsIVYB3oykqRjTVnDho8CenO41d46S4Mli9iT4zFRRqZLlIbjJWDFlAVYEed9Ck1wUzvxN6QjfL
date
Tue, 11 Jul 2023 22:51:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame BFAB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHrhDWTsl8u5nOJX8lk1f0Hkprp9-5VToW172XKHFTGiK3m68SEXYCrIPLE4PgcFdmGKCIzUFrqEDm1OolBwS3HC4Mi4oyNpw&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-d31a465d-2612-4819-880a-62be39e763be-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHrhDWTsl8u5nOJX8lk1...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHrhDWTsl8u5nOJX8lk1f0Hkprp9-5VToW172XKHFTGiK3m68SEXYCrIPLE4PgcFdmGKCIzUFrqEDm1OolBwS3HC4Mi4oyNpw&google_hm=A9MaRl0mEkgZiApivjnnY74
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHrhDWTsl8u5nOJX8lk1f0Hkprp9-5VToW172XKHFTGiK3m68SEXYCrIPLE4PgcFdmGKCIzUFrqEDm1OolBwS3HC4Mi4oyNpw&google_hm=A9MaRl0mEkgZiApivjnnY74
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHrhDWTsl8u5nOJX8lk1f0Hkprp9-5VToW172XKHFTGiK3m68SEXYCrIPLE4PgcFdmGKCIzUFrqEDm1OolBwS3HC4Mi4oyNpw&google_hm=A9MaRl0mEkgZiApivjnnY74
date
Tue, 11 Jul 2023 22:51:25 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd31a465d26124819880a62be39e763be003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame BFAB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELGa0H5TUgVdVrNdosKRLaY&google_cver=1&google_push=AaAOQGHlCamsY-212SA-gt_mUtRb5Khj6oEPe8Iv-owfhxEUfKjElYcNQHDFFqcAqiS_NlGTJg9SdrVn0Qy3dWrFCEBebVWPEC...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGHlCamsY-212SA-gt_mUtRb5Khj6oEPe8Iv-owfhxEUfKjElYcNQHDFFqcAqiS_NlGTJg9SdrVn0Qy3dWrFCEBebVWPECL...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU1MDE3ODE0NTgzNzA4Njg0NzA4OQ%3D%3D&google_push=AaAOQGHlCamsY-212SA-gt_mUtRb5Khj6oEPe8Iv-owfhxEUfKjElYcN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU1MDE3ODE0NTgzNzA4Njg0NzA4OQ%3D%3D&google_push=AaAOQGHlCamsY-212SA-gt_mUtRb5Khj6oEPe8Iv-owfhxEUfKjElYcNQHDFFqcAqiS_NlGTJg9SdrVn0Qy3dWrFCEBebVWPECLMSg
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU1MDE3ODE0NTgzNzA4Njg0NzA4OQ%3D%3D&google_push=AaAOQGHlCamsY-212SA-gt_mUtRb5Khj6oEPe8Iv-owfhxEUfKjElYcNQHDFFqcAqiS_NlGTJg9SdrVn0Qy3dWrFCEBebVWPECLMSg
date
Tue, 11 Jul 2023 22:51:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
report
sync.teads.tv/um/ Frame BFAB
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOuH_AIIpPiu...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFKpQzAbm0NKauL_YMKD21u5psX69VpYG57pbJwYWJb49bN6edtjXBg_N2uCa03bLkrck4TVM9UqWLS8HL9s9xIA4hc1_8vtw
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Server
23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-28.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 11 Jul 2023 22:51:25 GMT
pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BFAB
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KE8B92JkY6wee_XfKgKkwH7h-7dPgIkMLpyu8a4M82Kb_a9zZEKLXybK5WSV1LTln82grKyg
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 249D
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
530741
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Jul 2023 19:25:44 GMT
expires
Thu, 04 Jul 2024 19:25:44 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1534583/72389193/ Frame 276C
47 KB
12 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/1534583/72389193/skeleton.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.148.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-148-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1a756bda29a09d6fb12756106e90cfc9a068244c340f128b19207109d706014b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 276C
172 KB
60 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Origin
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 14:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jul 2023 14:24:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230710/r20110914/elements/html/ Frame 276C
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230710/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFVGlaLxO4xAN7B3BIv78_h4ORyHSfmMNVE8a4Pt51WNanHxOJW8umlxEBjBzy3NPmCHeDjNwMo4EgpxAutha7u54hjw&cry=1&dbm_d=AKAmf-BEOICdutSJZi2ZphTXlkB28h1D3uG0drn-1OsPRGXlCH8xUlmDv1zQ83C5Ke-FqjvEuosNEnpxB1BUtRXqVq4-getwiN2lcku88vh43e5HrdmbtQPtYiL7hkkXPaLTmjlreUOtaD6fUIJIAJKFb_OJCrmiqlzB3XOBXSr9O_osjayIUvliERKAIAPEqUg3xIPZyL2lJSCsv3QtORxzkaa8Ttu1X19u-muX6bqvo2rIPAfens0I25fI6X_tu4lrKQ0LS5vePfHb5kz1cyaGA-ElXRSFUBzA-_8438nJJvqLJd5YAvi0jFseHl1mk5PNvJ2qlS5bvPyCSQlOq66Wjpa3u9P0wM20DOjmd85ftBBA4vR7DokMdLkwNUsms9FPNc5c5bFkz0QeGOZ7NdlBgQjXvkmvIu9FhhhjdbtQVNVbM-Bh4GQQArTRAmZK7rVyuMM_EMquv060qr3Zsxh1sS2vsIMm2mF_CbelKc1Zcvk0f6j5lCUoATlEtGCRIhW_Jrm9VYtIhcRwjZwDr-RF9TwF8RC7qdIsrV_BGuHcZvCZVdtoEcP9n-3Bvx_XsLk9oamVNK9N4KvtjU3hgaH5RNmSfAW_rc9vKx_y9HtX49uVYuqICCzLsYiipW6ouiu-75vhl1Q6RZgbUOpOWKjoqQ3NtZl-wCkj910yApLrHFiR0fzhRfszPX2-FojWkQqiqD7HUqjUNiyh0KO4r3bMfDvDVgUgXolKhX2Ri-PHHwhSkWcx5QZrKWNNmbpY-gWBxapK198poE2bBrF7RvpUg59rM8vuoTxOQRih0uouSJZcOevgDQKIkKSS6G2aG172XWCyGPUASJ3GyJqsZKhkJVhrawhil-wKS8e99OJczTM0rmyT4t62CBtcVHLFFA-88wiVoIwZH7TYTaiB6lC3Od2ARbC02OYh7lXflfRrS9vQxpg--VUNEyVW4foveat4UhfQ6HzkHvq8l8dqMStOq5f_Oq9ZZoUGYVa1nukkwGPSeyjwq27_lgby9oW4TzOdKRyAJA_9XOVHd4NTwUExx-S6Ja5vVf7kOrnCl51ritMbHnf4cubgeEvqhUKjMuBSHJhD3v3KTAlAiawMFEfC1QU5q9sflGyJKlwG0YBJJWod5fdHuY2_gQQ-LFr6bEl8aH05OF7HG-hIfeNmymRNVtbIz-JrCYXCx43uFbLzfOmfUCLlQ_6iKhFPEk9cvujux1wnDoAYh4HBOKsV4GgwIb0MRI5fvwTKrRmLC72XpuySzNsnt0AqfatwufmBcs_DnIS6xL6o4GvQQovAgZtHWD_bOW_mL3mYcEZ6VjHA6QAu0sgtkOGInj_NDZiDixH5lENozl_cfHfUXyT9lp4Z02lVxQdKTkyc93TlJEMvCT1IGuNsnzXYX_4-63g6eToVWABq6oKKU2YE-XGCtlMkJ-EyGq8U05jtoiWzKIjWxC6URF11cgiq4oKGBY0OAvPz4OfTIIYjkYXqiOgYRZ-12Ch530D3OmbZRBfFLMW7l7VlrRfJ9TJmdwdSoLHKPmvtY6tCDQSgyBmfLTOOtz7pZMp1fhLT3V5bx2-TGfOyOQAsAFRWGaEsV9MKdWE_fQlHCWhqBKpSoxISkac-SsVl3dxhdd8XJ72seXGqll3XUlNrx6oQ7JLbi3N1KTgDUikNuz4H4LWimTkVqwq5moSIT-rcti1CaV8s7YlRVkr-y9U1bBoTNIpiOwNEEhPhEwHc48EA0AnlGwWjVgtCYQl2Vn9SVuTP7hy4Jb5CbUb5Z6mzqnnzRU9X8mJhDQC96Q61DOFKYBoNcOh9aQQLmX3pgMwzsP7uVtgAqVJx5NBJ8okNpDNaWWGhzdfhosQQAm7GJOkbY55YLTzCb2BVTa1DI7ZO4ty0MRAGvZ86COP6qZXrgIvUt5ARRzbdeOotNrk-_Bb7tGXEmGzazfZ0q7nxYABDrYYEkdHwN5LXJUks0PwCf_kbo_FZxPIFZDtd23z7klZfA2hOyp-xI1uooAzmsdyyLjjx7-bUTsz-LXsIq-3wj-DklsgRyEyNrcusA-oypg6H_lxDBK0MM74VWAieHFt4oL7fT5OI2Ob4Z4CJpD4NZBHGvz9-BqpMAdKQMECz3ewXprFaUQC5pWQk1QUz_K2UnjCDqOuG7bZgWO-Gryi8g2SSQuZzJkuFMR7CgPYpYubrSq28p1_pEZ18mDpe_Rw87CKZGBTLCD8XKx2FKAgjy0Dfg-W_tU-42tUkcBdbwQGVVuT05aYb7gw88WrupubHkIt1_300KFOzkAO7fib0ObSJYgm-cemLjULX-RbjDlU11LP31w-OrmKSUVQ97kMfLRFarxJalzpsoHhqeq0Aqg_2BgeIcQNwTXyy6W3LLRhpAnvnbSQvQaksHSZNoKqhPaHCOrQiQ_pq9DBdiPQN2062hXRtfB2LR01-X6TIdFvFiwerzsSS0Miq_3V6uEbSdSz7-uYp3irAuMTOh2pmv0sxdT2RJCGaEXrFPONbOTVShfd9bKxQ8bXtCyva53ag_gvBXOmozJnv2QNZSxltG3mFJRwDbmWw25RQF15vNz5MiQzSl8snFH9U7Mmw_XsQnB-W1b9jf4eBpwrKBJmzg8gKiFHkIKVt9jySmEwneHjMMMLpd8P8VdKItuYQPbxMwRhqQNKNc4BWzXAutp8BDYsW_JoBi2pF0nSENTikkD7dflark-B3oL2Fffec_pAdNiTvy6M6Fm2V6srvtoHQYVu7D1E_DL5mr7aQDtOQvo8LQrDJpO5BWE15JaSBV5ZCDN6UtYH1sjJwjg1OES2lv51MhKNARcWxupKkNReAPHdv8UwSyzxPG7Ai5r5JtQnnEwFMkv4mV3SAEEYgZlEyJ78fxin4ISXDP4rx5OFC7CM85SO4Yf00iIqlJWEntgL3Sk8yEyWkLROwgGUtewctT1whYPrvWr1dhtHOWblyl9t29ppYNE5xK8Drzx99zowCXTSAcv_vVIx4u9ae3OfirGj1CqLGrwGPAx-ZTBFgvns79NcT0tzWkKOUEPZ6hqZIzlvCGS3AYjGAinVMbLBRsC2u_WIzuJWWApgK9z94nGd14K7HZBvp-KhDrV2Y-dLk3Vtzx8Mgojt8ybTWxYaC88oxueNsrZRSzlW8ZVV-ZQc6xaJpXO3eiWZeibvfzcKRHaSHstuSWpCaTkuvQYDM5vlPiBMfLcFOFrJkzV3290PmTdG5oqd9y3wJJCx4RvzO7Er9KP9pKqjQPYvwB9as1ARLa_z_K-uU1dr_4PfnPlXdNMqgfqDoJ8nywPsbOXXlP9xLSaoXw_5ocC4ecLb89RD9VvawRoVncy46k6U54M065_yQkxASZMRMyBtTx96r2DAJp5m6GGm36AuURZtbqYDWmcW08sOwD9lZysVddQ9U-tai25YOLp2iygXi4sZ4lH29fYJXnTaN6cmQEDnxCqhAiw16QXV3LZ6g9zo_TLCYJuK204BvDSDl057Knn64KFno-F5xp-TzPzdXzvL5qILGkhzZmsSbFgROhM5ztmXHD_JEAFmcmiMxCwwJD1UjZxBFN3oVhQ8fC4xdqYJqctGrFMDW2FtDAt23Szs3sGmlBOdRFU_SOLCMRYZb53w7zwy7dESTjZFAM5cauDmkt_Ndr7pcedaxkhHmDvGcxn3XkDxcJWhB_UJtLfL0sP0J_s-_1w&cid=CAQSOwBpAlJWKh_fXRSFD5g-_YJZ7oJXXOcHMpqMvAOjHg--R5qDyuKe1cNiqLHkSkgPiKHaKHXVffOVxdEyGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2536823769720020000&adk=3844175693&idt=99&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
10322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 19:59:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230710/r20110914/ Frame 276C
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230710/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFVGlaLxO4xAN7B3BIv78_h4ORyHSfmMNVE8a4Pt51WNanHxOJW8umlxEBjBzy3NPmCHeDjNwMo4EgpxAutha7u54hjw&cry=1&dbm_d=AKAmf-BEOICdutSJZi2ZphTXlkB28h1D3uG0drn-1OsPRGXlCH8xUlmDv1zQ83C5Ke-FqjvEuosNEnpxB1BUtRXqVq4-getwiN2lcku88vh43e5HrdmbtQPtYiL7hkkXPaLTmjlreUOtaD6fUIJIAJKFb_OJCrmiqlzB3XOBXSr9O_osjayIUvliERKAIAPEqUg3xIPZyL2lJSCsv3QtORxzkaa8Ttu1X19u-muX6bqvo2rIPAfens0I25fI6X_tu4lrKQ0LS5vePfHb5kz1cyaGA-ElXRSFUBzA-_8438nJJvqLJd5YAvi0jFseHl1mk5PNvJ2qlS5bvPyCSQlOq66Wjpa3u9P0wM20DOjmd85ftBBA4vR7DokMdLkwNUsms9FPNc5c5bFkz0QeGOZ7NdlBgQjXvkmvIu9FhhhjdbtQVNVbM-Bh4GQQArTRAmZK7rVyuMM_EMquv060qr3Zsxh1sS2vsIMm2mF_CbelKc1Zcvk0f6j5lCUoATlEtGCRIhW_Jrm9VYtIhcRwjZwDr-RF9TwF8RC7qdIsrV_BGuHcZvCZVdtoEcP9n-3Bvx_XsLk9oamVNK9N4KvtjU3hgaH5RNmSfAW_rc9vKx_y9HtX49uVYuqICCzLsYiipW6ouiu-75vhl1Q6RZgbUOpOWKjoqQ3NtZl-wCkj910yApLrHFiR0fzhRfszPX2-FojWkQqiqD7HUqjUNiyh0KO4r3bMfDvDVgUgXolKhX2Ri-PHHwhSkWcx5QZrKWNNmbpY-gWBxapK198poE2bBrF7RvpUg59rM8vuoTxOQRih0uouSJZcOevgDQKIkKSS6G2aG172XWCyGPUASJ3GyJqsZKhkJVhrawhil-wKS8e99OJczTM0rmyT4t62CBtcVHLFFA-88wiVoIwZH7TYTaiB6lC3Od2ARbC02OYh7lXflfRrS9vQxpg--VUNEyVW4foveat4UhfQ6HzkHvq8l8dqMStOq5f_Oq9ZZoUGYVa1nukkwGPSeyjwq27_lgby9oW4TzOdKRyAJA_9XOVHd4NTwUExx-S6Ja5vVf7kOrnCl51ritMbHnf4cubgeEvqhUKjMuBSHJhD3v3KTAlAiawMFEfC1QU5q9sflGyJKlwG0YBJJWod5fdHuY2_gQQ-LFr6bEl8aH05OF7HG-hIfeNmymRNVtbIz-JrCYXCx43uFbLzfOmfUCLlQ_6iKhFPEk9cvujux1wnDoAYh4HBOKsV4GgwIb0MRI5fvwTKrRmLC72XpuySzNsnt0AqfatwufmBcs_DnIS6xL6o4GvQQovAgZtHWD_bOW_mL3mYcEZ6VjHA6QAu0sgtkOGInj_NDZiDixH5lENozl_cfHfUXyT9lp4Z02lVxQdKTkyc93TlJEMvCT1IGuNsnzXYX_4-63g6eToVWABq6oKKU2YE-XGCtlMkJ-EyGq8U05jtoiWzKIjWxC6URF11cgiq4oKGBY0OAvPz4OfTIIYjkYXqiOgYRZ-12Ch530D3OmbZRBfFLMW7l7VlrRfJ9TJmdwdSoLHKPmvtY6tCDQSgyBmfLTOOtz7pZMp1fhLT3V5bx2-TGfOyOQAsAFRWGaEsV9MKdWE_fQlHCWhqBKpSoxISkac-SsVl3dxhdd8XJ72seXGqll3XUlNrx6oQ7JLbi3N1KTgDUikNuz4H4LWimTkVqwq5moSIT-rcti1CaV8s7YlRVkr-y9U1bBoTNIpiOwNEEhPhEwHc48EA0AnlGwWjVgtCYQl2Vn9SVuTP7hy4Jb5CbUb5Z6mzqnnzRU9X8mJhDQC96Q61DOFKYBoNcOh9aQQLmX3pgMwzsP7uVtgAqVJx5NBJ8okNpDNaWWGhzdfhosQQAm7GJOkbY55YLTzCb2BVTa1DI7ZO4ty0MRAGvZ86COP6qZXrgIvUt5ARRzbdeOotNrk-_Bb7tGXEmGzazfZ0q7nxYABDrYYEkdHwN5LXJUks0PwCf_kbo_FZxPIFZDtd23z7klZfA2hOyp-xI1uooAzmsdyyLjjx7-bUTsz-LXsIq-3wj-DklsgRyEyNrcusA-oypg6H_lxDBK0MM74VWAieHFt4oL7fT5OI2Ob4Z4CJpD4NZBHGvz9-BqpMAdKQMECz3ewXprFaUQC5pWQk1QUz_K2UnjCDqOuG7bZgWO-Gryi8g2SSQuZzJkuFMR7CgPYpYubrSq28p1_pEZ18mDpe_Rw87CKZGBTLCD8XKx2FKAgjy0Dfg-W_tU-42tUkcBdbwQGVVuT05aYb7gw88WrupubHkIt1_300KFOzkAO7fib0ObSJYgm-cemLjULX-RbjDlU11LP31w-OrmKSUVQ97kMfLRFarxJalzpsoHhqeq0Aqg_2BgeIcQNwTXyy6W3LLRhpAnvnbSQvQaksHSZNoKqhPaHCOrQiQ_pq9DBdiPQN2062hXRtfB2LR01-X6TIdFvFiwerzsSS0Miq_3V6uEbSdSz7-uYp3irAuMTOh2pmv0sxdT2RJCGaEXrFPONbOTVShfd9bKxQ8bXtCyva53ag_gvBXOmozJnv2QNZSxltG3mFJRwDbmWw25RQF15vNz5MiQzSl8snFH9U7Mmw_XsQnB-W1b9jf4eBpwrKBJmzg8gKiFHkIKVt9jySmEwneHjMMMLpd8P8VdKItuYQPbxMwRhqQNKNc4BWzXAutp8BDYsW_JoBi2pF0nSENTikkD7dflark-B3oL2Fffec_pAdNiTvy6M6Fm2V6srvtoHQYVu7D1E_DL5mr7aQDtOQvo8LQrDJpO5BWE15JaSBV5ZCDN6UtYH1sjJwjg1OES2lv51MhKNARcWxupKkNReAPHdv8UwSyzxPG7Ai5r5JtQnnEwFMkv4mV3SAEEYgZlEyJ78fxin4ISXDP4rx5OFC7CM85SO4Yf00iIqlJWEntgL3Sk8yEyWkLROwgGUtewctT1whYPrvWr1dhtHOWblyl9t29ppYNE5xK8Drzx99zowCXTSAcv_vVIx4u9ae3OfirGj1CqLGrwGPAx-ZTBFgvns79NcT0tzWkKOUEPZ6hqZIzlvCGS3AYjGAinVMbLBRsC2u_WIzuJWWApgK9z94nGd14K7HZBvp-KhDrV2Y-dLk3Vtzx8Mgojt8ybTWxYaC88oxueNsrZRSzlW8ZVV-ZQc6xaJpXO3eiWZeibvfzcKRHaSHstuSWpCaTkuvQYDM5vlPiBMfLcFOFrJkzV3290PmTdG5oqd9y3wJJCx4RvzO7Er9KP9pKqjQPYvwB9as1ARLa_z_K-uU1dr_4PfnPlXdNMqgfqDoJ8nywPsbOXXlP9xLSaoXw_5ocC4ecLb89RD9VvawRoVncy46k6U54M065_yQkxASZMRMyBtTx96r2DAJp5m6GGm36AuURZtbqYDWmcW08sOwD9lZysVddQ9U-tai25YOLp2iygXi4sZ4lH29fYJXnTaN6cmQEDnxCqhAiw16QXV3LZ6g9zo_TLCYJuK204BvDSDl057Knn64KFno-F5xp-TzPzdXzvL5qILGkhzZmsSbFgROhM5ztmXHD_JEAFmcmiMxCwwJD1UjZxBFN3oVhQ8fC4xdqYJqctGrFMDW2FtDAt23Szs3sGmlBOdRFU_SOLCMRYZb53w7zwy7dESTjZFAM5cauDmkt_Ndr7pcedaxkhHmDvGcxn3XkDxcJWhB_UJtLfL0sP0J_s-_1w&cid=CAQSOwBpAlJWKh_fXRSFD5g-_YJZ7oJXXOcHMpqMvAOjHg--R5qDyuKe1cNiqLHkSkgPiKHaKHXVffOVxdEyGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2536823769720020000&adk=3844175693&idt=99&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 20:05:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
9936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 20:05:49 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 276C
41 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
32330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 13:52:35 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B492
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:25 GMT
expires
Tue, 11 Jul 2023 22:51:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3772
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Wed, 12 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 276C
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c80365b3d61748da70094a8ea95488ae260e3f6051d830f590a54b82cf795141

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame DEBC
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDMz-MNS3AGJjQI9nmnikVw&google_cver=1&google_push=AaAOQGHdAlPOa23DNoBq-m4E63abrrYj3AeSVP1w10VyLVMRc1PClQWqBs...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGHdAlPOa23DNoBq-m4E63abrrYj3AeSVP1w10VyLVMRc1PClQWqBs25p-8d8ze9kEAcOA_uL2dt9aU-Yre_aht6CqTQB0A&google_hm=tBAKHyYpbJsqK...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGHdAlPOa23DNoBq-m4E63abrrYj3AeSVP1w10VyLVMRc1PClQWqBs25p-8d8ze9kEAcOA_uL2dt9aU-Yre_aht6CqTQB0A&google_hm=tBAKHyYpbJsqK7kcIGuisw
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGHdAlPOa23DNoBq-m4E63abrrYj3AeSVP1w10VyLVMRc1PClQWqBs25p-8d8ze9kEAcOA_uL2dt9aU-Yre_aht6CqTQB0A&google_hm=tBAKHyYpbJsqK7kcIGuisw
date
Tue, 11 Jul 2023 22:51:25 GMT
cache-control
private, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
pixel
cm.g.doubleclick.net/ Frame DEBC
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAdmLEBnn6cWzUI45eJSxFA&google_cver=1&google_push=AaAOQGHIesXo-GD9z4YoEbL6EXXW4WzR2JKUgl2igZesTzMGsR1p3R0T5BpCGXx9CYO0zXeuJq4fwXWat6OVmiSEIbsht9PgBKU
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA2ED22C10FA4FF8BBD9D899C80FC3DE&google_push=AaAOQGHIesXo-GD9z4YoEbL6EXXW4WzR2JKUgl2igZesTzMGsR1p3R0T5BpCGXx9CYO0zXeuJq4fwXWat6OVmiS...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA2ED22C10FA4FF8BBD9D899C80FC3DE&google_push=AaAOQGHIesXo-GD9z4YoEbL6EXXW4WzR2JKUgl2igZesTzMGsR1p3R0T5BpCGXx9CYO0zXeuJq4fwXWat6OVmiSEIbsht9PgBKU
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 11 Jul 2023 22:51:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA2ED22C10FA4FF8BBD9D899C80FC3DE&google_push=AaAOQGHIesXo-GD9z4YoEbL6EXXW4WzR2JKUgl2igZesTzMGsR1p3R0T5BpCGXx9CYO0zXeuJq4fwXWat6OVmiSEIbsht9PgBKU
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Jul 2023 22:51:25 GMT
pixel
cm.g.doubleclick.net/ Frame DEBC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R7dUWa-fRMqnnl7sVCyzPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R7dUWa-fRMqnnl7sVCyzPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGH162mLOVNu8PoajR4FME0WsZNX7-TVFGwyG5BUbJraf5v7Yeng-cZu2hd3_cENOWGhG3yOcwYfkn3DKG6J0SXjvnQlqfc
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R7dUWa-fRMqnnl7sVCyzPA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGH162mLOVNu8PoajR4FME0WsZNX7-TVFGwyG5BUbJraf5v7Yeng-cZu2hd3_cENOWGhG3yOcwYfkn3DKG6J0SXjvnQlqfc
date
Tue, 11 Jul 2023 22:51:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame DEBC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMO7eI6_BdAYwVdH_S4b8fU&google_cver=1&google_push=AaAOQGHq7b0dtAAyttvEWTcA6BRvS2tgSpYC3CfKqIhqeIy-HSiGX_95y7Fbr3Gr_nlRmo4Glyz...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpZVlpJSjktMVotMk9GNw==&google_push=AaAOQGHq7b0dtAAyttvEWTcA6BRvS2tgSpYC3CfKqIhqeIy-HSiGX_95y7Fbr3Gr_nlRmo4GlyzfiA-Ez5p8D9XcFCckyiFjIA0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpZVlpJSjktMVotMk9GNw==&google_push=AaAOQGHq7b0dtAAyttvEWTcA6BRvS2tgSpYC3CfKqIhqeIy-HSiGX_95y7Fbr3Gr_nlRmo4GlyzfiA-Ez5p8D9XcFCckyiFjIA0
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpZVlpJSjktMVotMk9GNw==&google_push=AaAOQGHq7b0dtAAyttvEWTcA6BRvS2tgSpYC3CfKqIhqeIy-HSiGX_95y7Fbr3Gr_nlRmo4GlyzfiA-Ez5p8D9XcFCckyiFjIA0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame DEBC
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEZ9X6br7v5jCVMm1OprUN4&google_cver=1&google_push=AaAOQGHbIzQwsjvg84u5C_j3MgpHi3nSxLVEuVc1UeldwhXuAP68Olk5T8CEsBjUbqQwITEUQYWuw2AqKuviqe64AtnIhO...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dGMJ18AAQxumdCjJzDMIpQ&google_push=AaAOQGHbIzQwsjvg84u5C_j3MgpHi3nSxLVEuVc1UeldwhXuAP68Olk5T8CEsBjUbqQwITEUQYWuw2AqKuviqe6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dGMJ18AAQxumdCjJzDMIpQ&google_push=AaAOQGHbIzQwsjvg84u5C_j3MgpHi3nSxLVEuVc1UeldwhXuAP68Olk5T8CEsBjUbqQwITEUQYWuw2AqKuviqe64AtnIhOuzTug
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dGMJ18AAQxumdCjJzDMIpQ&google_push=AaAOQGHbIzQwsjvg84u5C_j3MgpHi3nSxLVEuVc1UeldwhXuAP68Olk5T8CEsBjUbqQwITEUQYWuw2AqKuviqe64AtnIhOuzTug
access-control-allow-origin
*
date
Tue, 11 Jul 2023 22:51:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame DEBC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPUuu4aI_skni67xljB62LY&google_cver=1&google_push=AaAOQGF-AOy-86RMi...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D&google_gid=CAESEPUuu4aI_skni67xljB62LY&google_cver=1&google_push=AaAOQGF-AOy-86RMiAymEMrzdIFDyWLxrf...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D&google_gid=CAESEPUuu4aI_skni67xljB62LY&google_cver=1&google_push=AaAOQGF-AOy-86RMiAymEMrzdIFDyWLxrfFqJ3MjcgxuWIR8z7KpNJ2tLoS2StbExI7c79tfFiDMc7-wE1OjmdBvZCaPAi7CD765
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
an-x-request-uuid
9d7036ad-67bd-4b76-8640-ac684c9b811b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDk0MjM1OTA0NDEzMDE5MjMwOQ%3D%3D&google_gid=CAESEPUuu4aI_skni67xljB62LY&google_cver=1&google_push=AaAOQGF-AOy-86RMiAymEMrzdIFDyWLxrfFqJ3MjcgxuWIR8z7KpNJ2tLoS2StbExI7c79tfFiDMc7-wE1OjmdBvZCaPAi7CD765
x-proxy-origin
84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DEBC
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENCljyD2J...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENC...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2c904e7c-1719-4cc0-a134-5aa114d71e23&%%GOOGLE_PUSH_PAIR%%
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2c904e7c-1719-4cc0-a134-5aa114d71e23&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2c904e7c-1719-4cc0-a134-5aa114d71e23&%%GOOGLE_PUSH_PAIR%%
date
Tue, 11 Jul 2023 22:51:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame DEBC
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwrS-vOUXyvA40amiYNxQzpYH-yu7wOUiqo4-PARqV_-FkFIovPMbOuOMhBBbOltAxCGbmPTo
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame B3EF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO6zwXUX5mLLtSbjpXeRFtI&google_cver=1&google_push=AaAOQGHgbQvwvrR1lVtANIwjxqF7k4ncsmzH5ij_5rsmjnUnjCh-xXxaYEdYd9vpIy9rBS6YyOsj_fEi71UTr4AJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHgbQvwvrR1lVtANIwjxqF7k4ncsmzH5ij_5rsmjnUnjCh-xXxaYEdYd9vpIy9rBS6YyOsj_fEi71UTr4AJleUQg4I4kfqr
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHgbQvwvrR1lVtANIwjxqF7k4ncsmzH5ij_5rsmjnUnjCh-xXxaYEdYd9vpIy9rBS6YyOsj_fEi71UTr4AJleUQg4I4kfqr
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 11 Jul 2023 22:51:25 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x13 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHgbQvwvrR1lVtANIwjxqF7k4ncsmzH5ij_5rsmjnUnjCh-xXxaYEdYd9vpIy9rBS6YyOsj_fEi71UTr4AJleUQg4I4kfqr
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 11 Jul 2023 22:51:24 GMT
i.match
s.tribalfusion.com/z/ Frame B3EF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMnjClYZAOOYbGi_FzIvrq0&google_cver=1&google_push=AaAOQGEVKVwDQuu--u7OfbGXHQ8u83fwZr0LELAY5cJuSAW5QYiJLDpWAfnO6CpU1R6i-lLEjqelO6hmUbM9v80wDSSRAJN9YAk&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMnjClYZAOOYbGi_FzIvrq0&google_cver=1&google_push=AaAOQGEVKVwDQuu--u7OfbGXHQ8u83fwZr0LELAY5cJuSAW5QYiJLDpWAfnO6CpU1R6i-lLEjqelO6hmUbM9v80wDSSRAJN9YAk...
43 B
389 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMnjClYZAOOYbGi_FzIvrq0&google_cver=1&google_push=AaAOQGEVKVwDQuu--u7OfbGXHQ8u83fwZr0LELAY5cJuSAW5QYiJLDpWAfnO6CpU1R6i-lLEjqelO6hmUbM9v80wDSSRAJN9YAk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEVKVwDQuu--u7OfbGXHQ8u83fwZr0LELAY5cJuSAW5QYiJLDpWAfnO6CpU1R6i-lLEjqelO6hmUbM9v80wDSSRAJN9YAk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e549c6cc85a1903-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
325
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMnjClYZAOOYbGi_FzIvrq0&google_cver=1&google_push=AaAOQGEVKVwDQuu--u7OfbGXHQ8u83fwZr0LELAY5cJuSAW5QYiJLDpWAfnO6CpU1R6i-lLEjqelO6hmUbM9v80wDSSRAJN9YAk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEVKVwDQuu--u7OfbGXHQ8u83fwZr0LELAY5cJuSAW5QYiJLDpWAfnO6CpU1R6i-lLEjqelO6hmUbM9v80wDSSRAJN9YAk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e549c6b8f391903-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B3EF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMGXCrHGiTsssr72tCqNB24&google_cver=1&google_push=AaAOQGEjw7-QdjrPDlIcIUmMkM788vfeGf0gOPkqSUy8iYl_--oOw0IzrmJK902rJL_vhfPCg3Hal28BJfEWD9CEZg4rX8J...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEjw7-QdjrPDlIcIUmMkM788vfeGf0gOPkqSUy8iYl_--oOw0IzrmJK902rJL_vhfPCg3Hal28BJfEWD9CEZg4rX8JVZG9G&google_hm=eS1paTBWWXY5RTJwRzhxUG...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEjw7-QdjrPDlIcIUmMkM788vfeGf0gOPkqSUy8iYl_--oOw0IzrmJK902rJL_vhfPCg3Hal28BJfEWD9CEZg4rX8JVZG9G&google_hm=eS1paTBWWXY5RTJwRzhxUGZyeGZaVXJNcVlUODVWODF1T35B
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 11 Jul 2023 22:51:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEjw7-QdjrPDlIcIUmMkM788vfeGf0gOPkqSUy8iYl_--oOw0IzrmJK902rJL_vhfPCg3Hal28BJfEWD9CEZg4rX8JVZG9G&google_hm=eS1paTBWWXY5RTJwRzhxUGZyeGZaVXJNcVlUODVWODF1T35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame B3EF
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELJEf1NPBthlHXrU5y-wWXc&google_cver=1&google_push=AaAOQGEWn0JBvaNH_G7AkhBlSRVWsHT4k395L_6e2aHF0k7k_7UtIlphYM_bN7Xrq9ca6IXR3Sn98AM-1MHz4mh7C9l1din...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELJEf1NPBthlHXrU5y-wWXc&google_cver=1&google_push=AaAOQGEWn0JBvaNH_G7AkhBlSRVWsHT4k395L_6e2aHF0k7k_7UtIlphYM_bN7Xrq9ca6IXR3Sn98AM-1MHz4mh7C9l1d...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEWn0JBvaNH_G7AkhBlSRVWsHT4k395L_6e2aHF0k7k_7UtIlphYM_bN7Xrq9ca6IXR3Sn98AM-1MHz4mh7C9l1dinJnEWH
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEWn0JBvaNH_G7AkhBlSRVWsHT4k395L_6e2aHF0k7k_7UtIlphYM_bN7Xrq9ca6IXR3Sn98AM-1MHz4mh7C9l1dinJnEWH
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEWn0JBvaNH_G7AkhBlSRVWsHT4k395L_6e2aHF0k7k_7UtIlphYM_bN7Xrq9ca6IXR3Sn98AM-1MHz4mh7C9l1dinJnEWH
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame B3EF
43 B
245 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELXpK21fBpzGAbTk0Fhxch0&google_cver=1&google_push=AaAOQGHDpHmpwMSjB0vnVgG1YEBZIwPii1j_dHdA-mev1s2YOFJfxBZW5uO3QP3iNNuGgz9PjAZ8DX0FHerwaaVD1X5RqHbvqRk
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
sync
ssbsync.smartadserver.com/api/ Frame B3EF
0
45 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBnbr7VnBBq79HUuoWFnJf0&google_cver=1&google_push=AaAOQGHsGUTIi4xCuQSAuG-7dwsh0fEZodSYGTWqnfO4i6CSCYUkkCGecMzdUfth7tyXp39ivfArRU0sPHMwzh1i_UGX3arSM_Y
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
content-length
0
/
onetag-sys.com/match/ Frame B3EF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEC2lCEslld4rWCdZ1QSWUX0&google_cver=1&google_push=AaAOQGGrcBAOPL77-YvOLkLWq-f4yXdzfKpsdtONlwdtqRrMlasGjiPKf38zrMMSKWh-BgUsb63U0RaBRXw...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGrcBAOPL77-YvOLkLWq-f4yXdzfKpsdtONlwdtqRrMlasGjiPKf38zrMMSKWh-BgUsb63U0RaBRXwtngGq6gTr9QeHdlm60Q
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B3EF
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYSWQKo5nMtQTJuBb0xbeY2Qe41wJ7_Gidu_Lu0ynOCq_ojCZr2Y55rnAOmVMlXgVqHg0-Tg
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/10776139036581716392/ Frame 942D
1 KB
766 B
Document
General
Full URL
https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b7d8e9e3fcf576554fb627441842f75490a7ad42fb89bbc00aed6e9c208d189
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
738
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:25 GMT
expires
Wed, 10 Jul 2024 22:51:25 GMT
last-modified
Sun, 23 Oct 2022 18:55:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 63EC
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNCyeR1VF3cxJL96XmsEBu5zexnT-nlZN8xr8360fgW4_ybt94OxyrRgHA4OoR7YPA9AfLo15A2F0wB-0Dq5pc4Rsb9_omyLlAJyTfGy6S06tHeFoqEkrdTZfrlAywQmxTxuDXYnOBH4DG3tKBE_mQDji3pkHBzXhfXDn7uZF6WqavqbAw2iBBKwUUmD_L8liOBp2154mLCGnsTBI1KhQClNg6ubWHr46pEnL_shrGdrQHvOJ4o5VPHZSredMZVSZ-ET3PtNT-tFEO3vU6bkFJHpoKBiC31KcxwPxMpKi7PJwl_qRAuWcjkxrokmWUffG23IlSBnlcM5tCPmHBxRj8oux41FnnqHX77_bNS6uU-hJOX7TAPfKpkEn6cbGr0H3eq4zFjH2KB9g2WjbQ3PAQPF6Sj-w8XvjDERsyY3Y_Ge7KOw1MUOOKbot0quGWSj0Rv3Sxvr4V5o3LGFGS8Ebs5_geYNYFzmury8LeepJLvNOi73Su8D1cxoXkcQ3dYEUneJoZsKC-MRW4iV-iaK0rYigUGtKhjfLV0T-EhGLgS8CHZwtH8dRMnOzS05vFLxnBteDwNS-isa7uMS0O1oPNi0LKySjcQ3c8jh7cE-B9VFTIjpUDItPCsU0U8u4JhTpa2y39ysG3h5tSpz0DPhJ0L-p2l7nu1HPV3-8mI3u32ImuuqOQkE2fWGQinRh8fEe6zJCh2iO1i-yzPBLljK-rFzMwN4vaSDuPxvum4SKEKeDuyf7fUxetjxsfRV5eMZc4jTRraOCcQ4-RM6Ss8r18HPdJHbsyPWw75Elxxlbh3bJqad5BZ-aZAZxJ1OYIOGp1Xv4Y_zil6EWNMl1E79ypn1UpALeiiBqk1kTTrxIRY76JjkzySDSTxjVrrg_SkD9zg8u32_R_8MZSh696wRGTwAJc5zXCzd0yX_1vqRdKPPlhuX2swgBERVxXR-LmpN_nSM3eJIvQ35ohZjzBVip21r2UcCJd9dNUX0MyQIb-QWFpwoQqfelfCoyIB2dbTSi8DkKLU5xsG4Zcx_rNwkAxfBmLx0avf_W-y3iVMVheihQXwQTwsdNRowCcUwzHk-Hzr8nHbGYOuSobR4foy595vvkwmckOMHlUg6q4c1B2B_hcPMoF9hRcRIBcs0DHYXhvICTimVetA142kDwgcY4UYkULRUrhxqLOBN12MrrgzYUHuPV24xZcDSZq5GDGgtUnPxgANI88wEFV-MGeR4X3TaUOHVDX-EZ1qdc7Vgtz1xndzL_iHL0OyP3VAEvD5B-fWjrZ5Xa2C53jGZydJ1lSRGyzW2QS84WkhbWV7x_k-UIVD_eNaYygZhxs1VQz_Omd5_P0RnvCRRrP_Ea5qU2T7tQAilUhzkBycH-DS13Nt4V1JBjKytOxlkkV5D0hcEM2oTUoGQ2iFw&sai=AMfl-YQqCnbQnutHFYJjrxc5WaGF8SiS5xif8bSUsq5qiLzllBy2dAkGlLoLztHaSbNeN4dwqbETe05KZUAzcAN6hOFP89Q2_661bY0yFwaFN-LNDEHKNDW7Y7BJ9hBlsJACDIgsNJu-S0jdJMGP5TwLkbsuaR7geMhA8nYRoNk6u-36-UJ-dq1g7AJXYg_NYoNtvVTG-KLoJoozet8iH9_nlUZTO0-_H5uMOIs-2uQUFwoX0C5Okejh0XBk_K0em7RSQ9V2&sig=Cg0ArKJSzJiHY_u4E6qFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=294&cbvp=1&cstd=286&cisv=r20230710.25472&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:25 GMT
ai.aspx
m.exactag.com/ Frame 63EC
60 B
60 B
Image
General
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lx-mindshare&extProvApi=lx_de&extLi=29013028&extCr=180885357&extPm=354328380&gdpr_consent=&gdpr=
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.9 Grenzach-Wyhlen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 22:51:24 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Di, 11 Jul 2023 10:51:25 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1894
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B69B
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
458315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jul 2023 15:32:50 GMT
expires
Fri, 05 Jul 2024 15:32:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame EA60
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:25 GMT
expires
Tue, 11 Jul 2023 22:51:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
file.mp4
r1---sn-4g5ednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720651885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C278
2 MB
2 MB
Media
General
Full URL
https://r1---sn-4g5ednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720651885/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1A47E32EE2C09EDF53A23C49736E02321F89D9EB.754592A5F564A60B8E05BF64B1C683669516B57B/key/cms1/cms_redirect/yes/mh/xb/mip/2001:1b60:1010:2:1012:39f8:745c:d74/mm/42/mn/sn-4g5ednss/ms/onc/mt/1689115415/mv/u/mvi/1/pl/29/file/file.mp4
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:6b::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9b279f62d8ab632481b6d6fda4c49c8b9ee7fd77988c13e4b8baa7007d37b10c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 11 Jul 2023 22:51:25 GMT
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2220695/2220696
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2220696
last-modified
Fri, 07 Jul 2023 14:34:05 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
client-protocol
quic
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 942D
113 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 22:51:25 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 942D
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 13:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32329
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jul 2023 13:52:36 GMT
pixel
cm.g.doubleclick.net/ Frame 3772
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKp4HQ6eLMzon9v8xsrwxEU&google_cver=1&google_push=AaAOQGFx-xjpF-TWZ0Rd031Z7rReAgquqKbfYhrO2FAyLGhYiOJcHgdLHdTBGlclEEs8vtrehgdUU-6Y9XMzvzZdcuaBeacRS7Mu
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA2ED22C10FA4FF8BBD9D899C80FC3DE&google_push=AaAOQGFx-xjpF-TWZ0Rd031Z7rReAgquqKbfYhrO2FAyLGhYiOJcHgdLHdTBGlclEEs8vtrehgdUU-6Y9XMzvzZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA2ED22C10FA4FF8BBD9D899C80FC3DE&google_push=AaAOQGFx-xjpF-TWZ0Rd031Z7rReAgquqKbfYhrO2FAyLGhYiOJcHgdLHdTBGlclEEs8vtrehgdUU-6Y9XMzvzZdcuaBeacRS7Mu
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 11 Jul 2023 22:51:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA2ED22C10FA4FF8BBD9D899C80FC3DE&google_push=AaAOQGFx-xjpF-TWZ0Rd031Z7rReAgquqKbfYhrO2FAyLGhYiOJcHgdLHdTBGlclEEs8vtrehgdUU-6Y9XMzvzZdcuaBeacRS7Mu
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 10 Jul 2023 22:51:25 GMT
pixel
cm.g.doubleclick.net/ Frame 3772
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELU0-tf6_lKD0XoJXv6K35U&google_cver=1&google_push=AaAOQGEz-VCnf2KgORbf2ds1Q8lgEtWD23OHb6LvAklJFQe8G7smiZjN5pge1wdXkv1rCqkQcR_-eoKTLb9vqMi8BY2o5UB...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEz-VCnf2KgORbf2ds1Q8lgEtWD23OHb6LvAklJFQe8G7smiZjN5pge1wdXkv1rCqkQcR_-eoKTLb9vqMi8BY2o5UBuBnJQag&google_hm=eS1paTBWWXY5RTJwRzhx...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEz-VCnf2KgORbf2ds1Q8lgEtWD23OHb6LvAklJFQe8G7smiZjN5pge1wdXkv1rCqkQcR_-eoKTLb9vqMi8BY2o5UBuBnJQag&google_hm=eS1paTBWWXY5RTJwRzhxUGZyeGZaVXJNcVlUODVWODF1T35B
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 11 Jul 2023 22:51:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEz-VCnf2KgORbf2ds1Q8lgEtWD23OHb6LvAklJFQe8G7smiZjN5pge1wdXkv1rCqkQcR_-eoKTLb9vqMi8BY2o5UBuBnJQag&google_hm=eS1paTBWWXY5RTJwRzhxUGZyeGZaVXJNcVlUODVWODF1T35B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 3772
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEIoqgM4nCYWVXuBWZO2c3Cw&google_cver=1&google_push=AaAOQGFoGF7z35GDNfobI1AtGe3iZABh2sr_1oF_Jyrxq-cZkridcC0EEtxVsOKo2gUE20H_REINjhssAhHi84Bd3uO2ZELt4gMe
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
176942
expires
Tue, 11 Jul 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 3772
43 B
103 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEFjt5vC56cZRKeYLTHWPlaM&google_cver=1&google_push=AaAOQGFjvVgjGTqlrj011-rcD7TTh8kYExf78b43NRujsMnWrKJiFlbEWrlwLy_MO9zfdJAA0Sn_Ft33HTabtQX5wDPk_5RV9Gjmhg
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 3772
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF9evX3cJU0tuowrRXwdpbY&google_cver=1&google_push=AaAOQGFhP43jTJ938QJXNzOZTXdsXAEdwjTjPq-WTeUKHYn5EZKZ8p9rXqkhzuCZl_AJCkrasjMdyWmVbq1q...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFhP43jTJ938QJXNzOZTXdsXAEdwjTjPq-WTeUKHYn5EZKZ8p9rXqkhzuCZl_AJCkrasjMdyWmVbq1q4BYh4sBIXnQ6HER6
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFhP43jTJ938QJXNzOZTXdsXAEdwjTjPq-WTeUKHYn5EZKZ8p9rXqkhzuCZl_AJCkrasjMdyWmVbq1q4BYh4sBIXnQ6HER6
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFhP43jTJ938QJXNzOZTXdsXAEdwjTjPq-WTeUKHYn5EZKZ8p9rXqkhzuCZl_AJCkrasjMdyWmVbq1q4BYh4sBIXnQ6HER6
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ups.analytics.yahoo.com/ups/58281/ Frame 3772
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEK7cEINhAjAoSbWtiVdj-wo&google_cver=1&google_push=AaAOQGFTZMremAwt4rCPHmVrm3ZjqqKIFu8hrZsmxXCIZeb7gwKr3BxYPt1fEe0OyAEBTJMrRL9TOO5R7nMUiRygrblJGSz0MBoCDQI
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 3772
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENnErwH9A...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2c904e7c-1719-4cc0-a134-5aa114d71e23&%%GOOGLE_PUSH_PAIR%%
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2c904e7c-1719-4cc0-a134-5aa114d71e23&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=2c904e7c-1719-4cc0-a134-5aa114d71e23&%%GOOGLE_PUSH_PAIR%%
date
Tue, 11 Jul 2023 22:51:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3772
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8Rq9MzNoXFGnOye_B67dlsUnBq64TD4n4IxlHJN9A6I2j1hXnJCT4x8p_zqb7npJcMEHOF9o
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 249D
38 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 09:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
46902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jul 2024 09:49:43 GMT
main.19.8.427.js
static.adsafeprotected.com/ Frame 276C
204 KB
64 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.427.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1534583/72389193/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b445986c019347798ad617e4f430afca3618c8284e21bb0af67e57c349610fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:18:30 GMT
x-amz-version-id
viAUynJgAIn66dlitVD8ck8iSZOBHuBj
content-encoding
gzip
via
1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
19976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 10 Jul 2023 20:47:49 GMT
server
AmazonS3
etag
W/"506c4292d1b190f254067aa99ecfa709"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
YKYBzllvyMuTpXHmGiPQQmFZqsU1dmlGtZzsGXjHl5Lw5NNNUNzHkg==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5ADD
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
458315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jul 2023 15:32:50 GMT
expires
Fri, 05 Jul 2024 15:32:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12339641061559367785/ Frame 9B2A
14 KB
3 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc63e14bc579599e80c325c723a80ade67a77f614e1376c769a44d1f43d7f840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2951
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:25 GMT
expires
Wed, 10 Jul 2024 22:51:25 GMT
last-modified
Fri, 12 May 2023 09:19:47 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 276C
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshMQtCOvH0oK5sHd9HlhOJHuCR2R3Dlu8wqSY_qVcbIXxgAcZOM285cCKORE1oSnQFy6Gim9_Hxis30ErsEvrGegGYhSq_5hOE_j6leK6jj398_KQN4LHgaeizRbSLd1sj_mP1E7hJAuc2uDDkkXTEvotCv95B6q1-zJYIcBeQo8NYpHXlNow9vOR2U_RMJZUghBC-5M8U6Z2jBHbF1qJSrzePiPCT7QVwLVdp8gvdfgA1VR3LcxU4867fPEMBvqPhH7dgJLghhQa5bIKLj1kR-ZKJTUfDXgyLenqq1FMfym08cjj7YLlHdDALDgJs9wVSt0RZZ5MK-dyMrLYsLw1gZI9am-KCgJ4cWUwB8wJqw7zWg-WDuTMR69sAzRVS5tLE2cAX6yFMdJWn_3atxy1SJ1W3RNV_TBIrU0QMSJOS_GmKFq63q0F1dvO8JeN3Oxwg6Ew2NAvQzvIjXqLenm02buQ2wOEPrMj5orwax4CGqgp7Gl9Ap6FJlqT-awoGcdPU3iAK5SaTgmi7fGsGKPA5AKltHJXZcdiMYbSqMh91zWlRDI33f9MCqS2zPapps5Sfq7i0emmtozluV82xj_JGO96ec5UsQHi8wBpd5W1Xr0XMXn2rdFg1xZSHBuh-pVzIGGnP85a2wLTVnb60SUDU5qsrcqwSeVDkSunaR7pghnPyzdyxWloxdUMsu5zQb1QooS-b19Pz9iNo5BbWqp-O6bU_BJBvsvSIopth5xIZZbYDOplfW6PrYmsClC6UWb6inBPWdw2ro6WXogxFQzaNw1Q62ERa64xaoit40_ILQ7_tY40YlH8IMMDA2scPEiyFZ6jDHxflDf2DLGFpinC1xePSDUcKbcLLHOIawYJShNUJr6-UIEfG1IS2JaIk7rVU8EKmcx5rqnRaWh9KfJCYTa4MUJITd4Tbfe9XpSXXw7vb2qmpAFJby-zbCkVRFQXSFfxiuev_YzY8JCB7E0rN5-s12qiZtJWiFMZAFyh9Sz49HGOW0TDvju-DbNP0xGok3DgmGI3Zv_dFAd1nGmDhi1uNY-msasaGxdCJc-Q1gkN1p7MlPzccS_2_Pq24mduMuSSBrhlGS6P789IWzXaYVv2Aez1eNhOFBCoTiYbVYpA9c4uBB21s4VMJajRvH4ToPOLEKcWrkcJtbA-Xh_tPq77_hEVj8lPDgyLseViX_WMv_bPK9Yd2VIWwZKvNJ92qfybBm7k0dFElXi5cw3d8XCuz_51DJB5mnknLf6vWLceJp0pnyRdIhsHz4QRSE_O_jFxplU1vIkQSuzDVc7777KwSuv52hXitznvwsxeRV7Q7QyLnXrAgKMn5ZTdVcJcepoHIsnvSdKyRJ12P7vV6HohtGwiAkT8HvyE6hfCHanLfg18ylPsRP2DccPcy2KO7KyKF_9muoqhu6egjOqCmxI9AffyoM-3c1f0MkIjT1Ty-RNkpt0kUf_uXNw&sai=AMfl-YSCqb6ccL0oDuhaZpiTV02Iix7qDBc7Z6nE9Q5L3XWpngZcNRcZruLoI58Z_jDc36L1G3qdKaCGBFum6Z2xWSC1K-ZEAjQ9flYdlrpU2M-PGB-EzY5MXRR7jMuOd6ON8QlSxnsmq71sRQqMOsfockjzwINKgGZvAhgzkK4Y6EavQyBOTeMR66QwDJhOzGkXKtiSbSiXNJsB4GIftFBe6x5cYs2p2--JMpmzZAT846uyAJ6la72PFMWP83lIMtyRfCY0zOwcLmZ7bOdHwWdzoHIgPaDAC68&sig=Cg0ArKJSzC_LnabLZvX4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=264&cbvp=1&cstd=258&cisv=r20230710.23124&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:51:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 82A3
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ima_sdk_v&pvsid=413980555089297&v=h.3.580.0
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
pagead2.googlesyndication.com/bg/ Frame B69B
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 11:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
126649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14572
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Jul 2024 11:40:36 GMT
styles.css
s0.2mdn.net/sadbundle/12339641061559367785/css/ Frame 9B2A
6 KB
2 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/12339641061559367785/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435205911189c1d7f16109a127f2dc4f3c0dbab6d8d226088216bd5c6c3ef9ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 16:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23862
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1585
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 16:13:43 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 9B2A
120 KB
41 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 13:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jul 2023 13:53:03 GMT
overlay.png
s0.2mdn.net/sadbundle/12339641061559367785/img/ Frame 9B2A
95 B
122 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12339641061559367785/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 16:13:43 GMT
x-content-type-options
nosniff
age
23862
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 16:13:43 GMT
logo.svg
s0.2mdn.net/sadbundle/12339641061559367785/img/ Frame 9B2A
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12339641061559367785/img/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
312ea37c961106b2df0601ca18d37f89c74ec7b28932d79c012c0864169a11ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 16:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23862
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2331
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 16:13:43 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9B2A
60 KB
24 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 22:51:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 63EC
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNCyeR1VF3cxJL96XmsEBu5zexnT-nlZN8xr8360fgW4_ybt94OxyrRgHA4OoR7YPA9AfLo15A2F0wB-0Dq5pc4Rsb9_omyLlAJyTfGy6S06tHeFoqEkrdTZfrlAywQmxTxuDXYnOBH4DG3tKBE_mQDji3pkHBzXhfXDn7uZF6WqavqbAw2iBBKwUUmD_L8liOBp2154mLCGnsTBI1KhQClNg6ubWHr46pEnL_shrGdrQHvOJ4o5VPHZSredMZVSZ-ET3PtNT-tFEO3vU6bkFJHpoKBiC31KcxwPxMpKi7PJwl_qRAuWcjkxrokmWUffG23IlSBnlcM5tCPmHBxRj8oux41FnnqHX77_bNS6uU-hJOX7TAPfKpkEn6cbGr0H3eq4zFjH2KB9g2WjbQ3PAQPF6Sj-w8XvjDERsyY3Y_Ge7KOw1MUOOKbot0quGWSj0Rv3Sxvr4V5o3LGFGS8Ebs5_geYNYFzmury8LeepJLvNOi73Su8D1cxoXkcQ3dYEUneJoZsKC-MRW4iV-iaK0rYigUGtKhjfLV0T-EhGLgS8CHZwtH8dRMnOzS05vFLxnBteDwNS-isa7uMS0O1oPNi0LKySjcQ3c8jh7cE-B9VFTIjpUDItPCsU0U8u4JhTpa2y39ysG3h5tSpz0DPhJ0L-p2l7nu1HPV3-8mI3u32ImuuqOQkE2fWGQinRh8fEe6zJCh2iO1i-yzPBLljK-rFzMwN4vaSDuPxvum4SKEKeDuyf7fUxetjxsfRV5eMZc4jTRraOCcQ4-RM6Ss8r18HPdJHbsyPWw75Elxxlbh3bJqad5BZ-aZAZxJ1OYIOGp1Xv4Y_zil6EWNMl1E79ypn1UpALeiiBqk1kTTrxIRY76JjkzySDSTxjVrrg_SkD9zg8u32_R_8MZSh696wRGTwAJc5zXCzd0yX_1vqRdKPPlhuX2swgBERVxXR-LmpN_nSM3eJIvQ35ohZjzBVip21r2UcCJd9dNUX0MyQIb-QWFpwoQqfelfCoyIB2dbTSi8DkKLU5xsG4Zcx_rNwkAxfBmLx0avf_W-y3iVMVheihQXwQTwsdNRowCcUwzHk-Hzr8nHbGYOuSobR4foy595vvkwmckOMHlUg6q4c1B2B_hcPMoF9hRcRIBcs0DHYXhvICTimVetA142kDwgcY4UYkULRUrhxqLOBN12MrrgzYUHuPV24xZcDSZq5GDGgtUnPxgANI88wEFV-MGeR4X3TaUOHVDX-EZ1qdc7Vgtz1xndzL_iHL0OyP3VAEvD5B-fWjrZ5Xa2C53jGZydJ1lSRGyzW2QS84WkhbWV7x_k-UIVD_eNaYygZhxs1VQz_Omd5_P0RnvCRRrP_Ea5qU2T7tQAilUhzkBycH-DS13Nt4V1JBjKytOxlkkV5D0hcEM2oTUoGQ2iFw&sai=AMfl-YQqCnbQnutHFYJjrxc5WaGF8SiS5xif8bSUsq5qiLzllBy2dAkGlLoLztHaSbNeN4dwqbETe05KZUAzcAN6hOFP89Q2_661bY0yFwaFN-LNDEHKNDW7Y7BJ9hBlsJACDIgsNJu-S0jdJMGP5TwLkbsuaR7geMhA8nYRoNk6u-36-UJ-dq1g7AJXYg_NYoNtvVTG-KLoJoozet8iH9_nlUZTO0-_H5uMOIs-2uQUFwoX0C5Okejh0XBk_K0em7RSQ9V2&sig=Cg0ArKJSzJiHY_u4E6qFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=487&vt=11&dtpt=193&dett=3&cstd=286&cisv=r20230710.25472&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 11 Jul 2023 22:51:25 GMT
JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
pagead2.googlesyndication.com/bg/ Frame 5ADD
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 11:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
126649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14572
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Jul 2024 11:40:36 GMT
count
logger.virgul.com/ Frame 82A3
0
116 B
Ping
General
Full URL
https://logger.virgul.com/count?m=infoLoad&g=m&r=npm_nefisyemektarifleri:13::10710800&o=400-500&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2023
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 11 Jul 2023 22:51:25 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/12339641061559367785/fonts/ Frame 9B2A
13 KB
13 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/12339641061559367785/fonts/FordAntennaCondMedium.subline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12339641061559367785/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12339641061559367785/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 16:13:43 GMT
x-content-type-options
nosniff
age
23862
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13336
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 16:13:43 GMT
FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/12339641061559367785/fonts/ Frame 9B2A
12 KB
12 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/12339641061559367785/fonts/FordAntennaBlack.headline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12339641061559367785/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12339641061559367785/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 16:13:43 GMT
x-content-type-options
nosniff
age
23862
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 16:13:43 GMT
FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/12339641061559367785/fonts/ Frame 9B2A
14 KB
14 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/12339641061559367785/fonts/FordAntennaRegular.legal.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12339641061559367785/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12339641061559367785/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 16:13:43 GMT
x-content-type-options
nosniff
age
23862
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 16:13:43 GMT
main.js
s0.2mdn.net/creatives/assets/4672102/ Frame 942D
4 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/4672102/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
decfbe8c158a2cba02ca73b8bdf79f27b58757217a01cf6a492feb29d25d9458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1793
x-xss-protection
0
last-modified
Mon, 15 May 2023 11:48:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 22:55:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 942D
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ba9d330b78f248ea27a859a13a86a8d65e737a6f79f1370f0a52cb7a06e292a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5733
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9B2A
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8da45626edae55c76cee4eaf4867a8301ca7980ade6751502f20bbf0b27a22f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5810
x-xss-protection
0
skeleton.js
static.adsafeprotected.com/ Frame 276C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1534583/72389193/skeleton.js?adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.nefisyemektarifleri.com%2F&adsafe...
  • https://static.adsafeprotected.com/skeleton.js
17 B
466 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2600:9000:26da:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 09 May 2023 06:47:57 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
5501009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
cMK1c4Pd0G7UXqAZbe5XNHs6jVTLHPnJeHIvLfH6k5Z0WhoXNz8XzQ==

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 9B6C
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
2856697
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
hh1Ku2sReYjQNsvHlbfjJHo3W96OpiTRX_iu_9AvDlLm8kEACJWvSg==
160x600_js.png
s0.2mdn.net/creatives/assets/4672102/ Frame 942D
71 KB
71 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4672102/160x600_js.png
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a275065d1843e7068685f13f7a0374b5a2756e41293faaaedc5cfa360014824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:39:58 GMT
x-content-type-options
nosniff
age
687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73107
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 09:53:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 22:54:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 942D
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 22:51:25 GMT
count
logger.virgul.com/ Frame 82A3
0
116 B
Ping
General
Full URL
https://logger.virgul.com/count?m=adDataLoad&g=m&r=npm_nefisyemektarifleri:preroll:100&o=&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2023
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 11 Jul 2023 22:51:25 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
zoneview
ng.virgul.com/ Frame 82A3
0
222 B
Image
General
Full URL
https://ng.virgul.com/zoneview?c=&mt=1689115885868&v=https%3A%2F%2Fwww.nefisyemektarifleri.com%2Fetsiz-nohut-yemegi-248941%2F%26vi%3D10710800%40&r=153182:nefisyemektarifleri&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates%20sal%C3%A7as%C4%B1%40karabiber%40kuru%20so%C4%9Fan%40nohut%40pul%20biber%40s%C4%B1v%C4%B1%20ya%C4%9F%40sivri%20biber%40su%40tuz%26nyt_cat%3Dpost&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.31025898645104855
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.nefisyemektarifleri.com
date
Tue, 11 Jul 2023 22:51:25 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
count
logger.virgul.com/ Frame 82A3
0
116 B
Ping
General
Full URL
https://logger.virgul.com/count?m=videoActivateError&g=m&r=npm_nefisyemektarifleri:windows:Chrome_114.0.5735.198&o=&iv=&wVID=&info=10710800@117240@117240@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2023
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 11 Jul 2023 22:51:25 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
truncated
/ Frame 82A3
1016 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 276C
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1534583&asId=2dffbaa2-f741-71db-eb2d-2a6ebf9195ae&tv=%7Bc:i6nEpt,pingTime:-3,time:332,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:251%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:332,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B102~0%5D,as:%5B102~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJKe7jy+111%7C112%7C113%7C114%7C115%7C116%7C117%7C118%7C119%7C11a1%7C11b11%7C11c1%7C11d1%7C11d2%7C11e1%7C11e2%7C11e3%7C11e41%7C11f1%7C11f2%7C11g*.1534583-72389193%7C11g1%7C11g2%7C11g3%7C11g4%7C11h%7C11i1%7C11j,idMap:11g*,rmeas:1,rend:0,renddet:na,siq:252%7D&br=c
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:137e:246c:f226:35e4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 276C
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1534583&asId=2dffbaa2-f741-71db-eb2d-2a6ebf9195ae&tv=%7Bc:i6nEpv,pingTime:-6,time:333,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:333,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B103~0%5D,as:%5B103~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJKe7jy+111%7C112%7C113%7C114%7C115%7C116%7C117%7C118%7C119%7C11a1%7C11b11%7C11c1%7C11d1%7C11d2%7C11e1%7C11e2%7C11e3%7C11e41%7C11f1%7C11f2%7C11g*.1534583-72389193%7C11g1%7C11g2%7C11g3%7C11g4%7C11h%7C11i1%7C11j,idMap:11g*,rmeas:1,rend:0,renddet:na,siq:252%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cwww.nefisyemektarifleri.com*&br=c
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:137e:246c:f226:35e4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
5e2588ac6f82ad050a013a34
ng2.virgul.com/tck/imp/ Frame 82A3
0
222 B
Image
General
Full URL
https://ng2.virgul.com/tck/imp/5e2588ac6f82ad050a013a34?g=1&t=gb&r=153193@site_geneli@nefisyemektarifleri:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.nefisyemektarifleri.com
date
Tue, 11 Jul 2023 22:51:25 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9B2A
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 22:51:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 276C
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshMQtCOvH0oK5sHd9HlhOJHuCR2R3Dlu8wqSY_qVcbIXxgAcZOM285cCKORE1oSnQFy6Gim9_Hxis30ErsEvrGegGYhSq_5hOE_j6leK6jj398_KQN4LHgaeizRbSLd1sj_mP1E7hJAuc2uDDkkXTEvotCv95B6q1-zJYIcBeQo8NYpHXlNow9vOR2U_RMJZUghBC-5M8U6Z2jBHbF1qJSrzePiPCT7QVwLVdp8gvdfgA1VR3LcxU4867fPEMBvqPhH7dgJLghhQa5bIKLj1kR-ZKJTUfDXgyLenqq1FMfym08cjj7YLlHdDALDgJs9wVSt0RZZ5MK-dyMrLYsLw1gZI9am-KCgJ4cWUwB8wJqw7zWg-WDuTMR69sAzRVS5tLE2cAX6yFMdJWn_3atxy1SJ1W3RNV_TBIrU0QMSJOS_GmKFq63q0F1dvO8JeN3Oxwg6Ew2NAvQzvIjXqLenm02buQ2wOEPrMj5orwax4CGqgp7Gl9Ap6FJlqT-awoGcdPU3iAK5SaTgmi7fGsGKPA5AKltHJXZcdiMYbSqMh91zWlRDI33f9MCqS2zPapps5Sfq7i0emmtozluV82xj_JGO96ec5UsQHi8wBpd5W1Xr0XMXn2rdFg1xZSHBuh-pVzIGGnP85a2wLTVnb60SUDU5qsrcqwSeVDkSunaR7pghnPyzdyxWloxdUMsu5zQb1QooS-b19Pz9iNo5BbWqp-O6bU_BJBvsvSIopth5xIZZbYDOplfW6PrYmsClC6UWb6inBPWdw2ro6WXogxFQzaNw1Q62ERa64xaoit40_ILQ7_tY40YlH8IMMDA2scPEiyFZ6jDHxflDf2DLGFpinC1xePSDUcKbcLLHOIawYJShNUJr6-UIEfG1IS2JaIk7rVU8EKmcx5rqnRaWh9KfJCYTa4MUJITd4Tbfe9XpSXXw7vb2qmpAFJby-zbCkVRFQXSFfxiuev_YzY8JCB7E0rN5-s12qiZtJWiFMZAFyh9Sz49HGOW0TDvju-DbNP0xGok3DgmGI3Zv_dFAd1nGmDhi1uNY-msasaGxdCJc-Q1gkN1p7MlPzccS_2_Pq24mduMuSSBrhlGS6P789IWzXaYVv2Aez1eNhOFBCoTiYbVYpA9c4uBB21s4VMJajRvH4ToPOLEKcWrkcJtbA-Xh_tPq77_hEVj8lPDgyLseViX_WMv_bPK9Yd2VIWwZKvNJ92qfybBm7k0dFElXi5cw3d8XCuz_51DJB5mnknLf6vWLceJp0pnyRdIhsHz4QRSE_O_jFxplU1vIkQSuzDVc7777KwSuv52hXitznvwsxeRV7Q7QyLnXrAgKMn5ZTdVcJcepoHIsnvSdKyRJ12P7vV6HohtGwiAkT8HvyE6hfCHanLfg18ylPsRP2DccPcy2KO7KyKF_9muoqhu6egjOqCmxI9AffyoM-3c1f0MkIjT1Ty-RNkpt0kUf_uXNw&sai=AMfl-YSCqb6ccL0oDuhaZpiTV02Iix7qDBc7Z6nE9Q5L3XWpngZcNRcZruLoI58Z_jDc36L1G3qdKaCGBFum6Z2xWSC1K-ZEAjQ9flYdlrpU2M-PGB-EzY5MXRR7jMuOd6ON8QlSxnsmq71sRQqMOsfockjzwINKgGZvAhgzkK4Y6EavQyBOTeMR66QwDJhOzGkXKtiSbSiXNJsB4GIftFBe6x5cYs2p2--JMpmzZAT846uyAJ6la72PFMWP83lIMtyRfCY0zOwcLmZ7bOdHwWdzoHIgPaDAC68&sig=Cg0ArKJSzC_LnabLZvX4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=597&vt=11&dtpt=333&dett=3&cstd=258&cisv=r20230710.23124&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 11 Jul 2023 22:51:25 GMT
10710800-480_2-170k.mp4
istr-n23.nktcdn.com/data/videos/10710/ Frame 82A3
Redirect Chain
  • https://istr.izlesene.com/data/videos/10710/10710800-480_2-170k.mp4?token=ghJqF0FTY48xkzVo1nmRhA&ts=1689205885&playername=npm_nefisyemektarifleri
  • https://istr-n23.nktcdn.com/data/videos/10710/10710800-480_2-170k.mp4?playername=npm_nefisyemektarifleri&token=BSSx8LbI3Jtom91JaiPM2g&ts=1689202286
400 KB
0
Media
General
Full URL
https://istr-n23.nktcdn.com/data/videos/10710/10710800-480_2-170k.mp4?playername=npm_nefisyemektarifleri&token=BSSx8LbI3Jtom91JaiPM2g&ts=1689202286
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
Content-Range
bytes 0-22366387/22366388
date
Tue, 11 Jul 2023 22:51:26 GMT
last-modified
Tue, 06 Sep 2022 14:04:31 GMT
server
openresty/1.15.8.3
Content-Length
22366388
content-type
video/mp4

Redirect headers

date
Tue, 11 Jul 2023 22:51:26 GMT
server
openresty/1.15.8.3
content-type
text/html
location
https://istr-n23.nktcdn.com/data/videos/10710/10710800-480_2-170k.mp4?playername=npm_nefisyemektarifleri&token=BSSx8LbI3Jtom91JaiPM2g&ts=1689202286
access-control-allow-origin
*
cache-control
max-age=0
content-length
151
expires
Tue, 11 Jul 2023 22:51:26 GMT
dt
dt.adsafeprotected.com/ Frame 276C
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1534583&asId=2dffbaa2-f741-71db-eb2d-2a6ebf9195ae&tv=%7Bc:i6nEq5,pingTime:-2,time:369,type:a,im:%7Bsf:0,pci:%7Btdr:97%7D,pom:1,prf:%7BbdA:460,bdZ:616,beA:718,beZ:719,mfA:945,cmA:946,inA:946,inZ:950,prA:950,prZ:965,si:970,poA:971,poZ:984,cmZ:984,mfZ:984,loA:1051,loZ:1053,ltA:1087,ltZ:1087,mdA:719,mdZ:864%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:251%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:369,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B139~0%5D,as:%5B139~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJKe7jy+111%7C112%7C113%7C114%7C115%7C116%7C117%7C118%7C119%7C11a1%7C11b11%7C11c1%7C11d1%7C11d2%7C11e1%7C11e2%7C11e3%7C11e41%7C11f1%7C11f2%7C11g*.1534583-72389193%7C11g1%7C11g2%7C11g3%7C11g4%7C11h%7C11i1%7C11j,idMap:11g*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:252,sinceFw:116,readyFired:true%7D&br=c
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:137e:246c:f226:35e4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 276C
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1534583&asId=2dffbaa2-f741-71db-eb2d-2a6ebf9195ae&tv=%7Bc:i6nEq9,pingTime:0,time:373,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:251%7D,%7Bpiv:100,vs:i,r:,t:373%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:373,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B143~0%5D,as:%5B143~160.600%5D%7D%7D,%7Bsl:i,t:373,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJKe7jy+111%7C112%7C113%7C114%7C115%7C116%7C117%7C118%7C119%7C11a1%7C11b11%7C11c1%7C11d1%7C11d2%7C11e1%7C11e2%7C11e3%7C11e41%7C11f1%7C11f2%7C11g*.1534583-72389193%7C11g1%7C11g2%7C11g3%7C11g4%7C11h%7C11i1%7C11j,idMap:11g*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:252%7D&br=c
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:137e:246c:f226:35e4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame 942D
25 KB
25 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3be09dc0c3a62f0a8397706bf1d6fc53d4dbcadf38863aaf6b87ceb0f1eb3d18

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ Frame 942D
25 KB
25 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32ee695fc5354fb6448cbc5453ec1d15f01c7d5f74539da5f93126188b9fda22

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
star_alliance.svg
s0.2mdn.net/creatives/assets/4669666/ Frame 942D
4 KB
2 KB
XHR
General
Full URL
https://s0.2mdn.net/creatives/assets/4669666/star_alliance.svg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3117435f29e0de48ea6ed19bbe21500a39ac0901bb4962f6b65a938162f54b8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1838
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:06:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 22:59:19 GMT
MadeOfSwitzerland.svg
s0.2mdn.net/creatives/assets/4669666/ Frame 942D
9 KB
3 KB
XHR
General
Full URL
https://s0.2mdn.net/creatives/assets/4669666/MadeOfSwitzerland.svg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x67420x0229.html?fbclid=PAAaae-SdJFaTCe2X2Rz0YQJeaF_cmcYz8_lmUJJDaLttsAGULWuQIAYEIFUc_aem_AWqMemsf4qpLbeZbkZhrgOzXLw4pKQpSKaow2V3Sax-iHPbhThvsND2Me74HsU0i7CvE1WRhY0ku0e2hAZgH8ddB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33db53c59f86658a2a1c5a8515a4332b2837162b2ec8c13af379f32f122ea18b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2792
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 10:19:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 22:59:19 GMT
de_swiss_rgb.svg
s0.2mdn.net/creatives/assets/4669666/ Frame 942D
2 KB
881 B
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4669666/de_swiss_rgb.svg
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
354a25f44878b2935ae4bb47c8c285c749b3d439526c270e69a0404d01050399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
849
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 15:45:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 22:57:16 GMT
Abendstimmung_Offer_160x600.jpg
s0.2mdn.net/creatives/assets/4669663/ Frame 942D
16 KB
16 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4669663/Abendstimmung_Offer_160x600.jpg
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fac11484c63257da7052d00d2d2f8dffd6c68b748a1bf83027684514edad4c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10776139036581716392/index.html?e=69&leftOffset=0&topOffset=0&c=WldR1jgurf&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:05 GMT
x-content-type-options
nosniff
age
20
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16216
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 16:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 23:06:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 249D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Becp07dytZNgWlJD1-A_2gau4AwAAAAA4AeAEAg&bg=!nJ-ln8vNAAb90kgr3dI7ADkAdvg8WiJGDoSvluGLU8bu_U5murHCN7Tb6DHtVKniTY7WW2Pb5XsgsBpWzePaPi0MWT8eQVoTjQUCAAABBFIAAAAHaAEHmQMjxDJn5x9wkgPriWScrNhgA3O4uU7-RZf1oOdkAtd6qV2nyUKh05ahsTvTkpX0f_FUN5VutnUBpec-0_J8tqBSfJsX20OPEekl8Hysd47AxQxKoqxCns1WbUZTTwFXcCvRar_Glz8Zm6Mv8X1FtwxlNaz-SPxaggSwizmsXtx5kSRj2Q1_YPeyjWKvT9cb18XMvQg8zSbalW23wGao76HzpHZC8VFQ2R8ONAfz6rkwFyXkxVfrOgTVFawH5j2F2xKfS29MdUjDNEVOLLO2zEbbcEpUMoFc9QJ4jN6H2th9MEnE_q06hQifgbQ2iGRJwTysEaJse0LAB5dG5eaNwFZe4BY8FkoMCsa2y__1I5LC5CuELixsayT6cRz1m0Hg6bA0twr_BDDJ919LKEvdy5tHi1qCCHZ4ycdn5g1G7Uaes4AUanAHYe1TAmfCfAFpMFLi0ro5d7S7yR2XLMcKIDnH55ZAZ_Q1wmEtQBatIznNHX-38uD6vLvnMJ_h9Mslvyc5r9YA2WqoWWeBVua5XWKySxMyhNtUXWK53VeqSq3E6T5POHdsrR25tPWYHpgwglP2l6Bk6ZWpWgFBB9LQRkJ6-YP-vvGgsIE7j-oiDhMqMWGxXNBJG5NgkesDfRep9F5FX8PcUvctxxGztk1gnKwcOz29mwvWaiC51cWQCPw_TXGCMTtI5sFNYdMURVO9Htycv7ieaAKDbMOjChnsjMLDv93w7a0bAGbhKP4IkZ8zCGqiTEAg-O7OaqE12LiRRulqVg-nzNZHwuvqZADG8csCieC80Yw-AgoIMVq3CO99tuZw2jPfUuT7InhgFdkOCqZE37yIMWrkr2ObIvjFPtgNj6LTn138Tp-q00KU6rNuKd0KpM-B0fYwxyEJjhKDcAj0_r5dHLP_5r15f3TYAaFWsh56Tmfi1XI-3cI8EUnS7dNkz4oIxfg05Cf9SKPFDf3o7mtDMfg-Q7ho66JqtEZwDeo8mHMDReK0Ib2nD_Z28jdpBJuhEdW_elrOQlF7ME-PytOoY5s4-NxJwMqA4WvmQTr0In9iUP-mpqDvaz4krxC9IjE
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B69B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3QW27NytZN-PPMHB9u8Pys6SkAwAAAAAOAHgBAI&bg=!AgGlAVXNAAb90kgr3dI7ADkAdvg8Wj_xT78Kf0jjVk0uRP0yjzGBXBxBJQBb9mqhH8XXTCpDMWfqOrwR9tLpeLpmHAbQ2Q7Osq8CAAAA7FIAAAAIaAEHmQMh2GvWIEYMqX-l8ENgH5pOuxMLJoBo-yvPNM5w9YPsH-wIo687KfaqrE2U8ItBAuZNc-OzYcQ8HG1-OXHJb75G_8xYOVdqaBqr1xC83tB-MQ3Jb3W-t16g1gZeVWcToUzoD3uJ5iQUv_xhB3gDfkFgYPzSYscufqbmemNbZ1lgI_hYoAurZrjelj8RSYgVBrqSZeF_3Z8VNl52AAOPLUsTUHdBMB0d-8HddFazgI79Uwaj01tHF03gCHt0ZQHhUEiRxIDd0z3lJYOxxWKBxFG2DnBB6NfZ-lwT6LZZJmZ4EJJG--kJpo8Wh8yKtiaHDTzgul4k6M_fVVl1-ycRWFPEtUNaUqxbuskslB-Oi-qilIpaaeW_1T8DwrMDGmPvoC78JSjIpBQEq7lCC4mh332pQSZ1O-LmoR1nsmb0wwy84to6guZpj2bu7NSNHEYcm112KNyaBkTddTvCHB_UzOb2ZCuhiLlzJbzQ_6MRt6PYlWtpFrFczXFO_4uLJcHuuWrlF3FBf8gUX7nydpOGDC8dF41jtoKZTLc1f0tN_c_ld9Ty0rq1kdZL4vBGKqt941hfU6Ijb29407DhCLeKjM9ltUx-bPFt_UGpXGnugEi-TQMIv0CQCK_CWjP4fJv3aQZPi1i4kfEFhjy8oYsGVIBhmY4tPUWA07X8sim_vBUue-ISqzoYxmEipqFNGTB1Gb3LMBAumPnSiHa2_mHNSxUmMfiPf7F-UYPvQJAxVZXKRaKsTvc68FWQeDIFihWkLJmpz0ftiBcoK91M37pWqun531WgGL6saO4VN54yq4r-8cXvIWfFuZ6Y9vjxOzYoj3tkcf_5Qcg2E-cCgU-X8cgwTpktUvW3aYu8R8czE78d6OnBKiW6IPVliAHsV6Tc7pVyzlZvXgM2dCbqaWt_ghpJE2MZAgYakmzxDgA4xEU5FgaYzlWv5vVv82E4hcJnS1MHQEi5iG_OVjtBc2d4vn1FLQJVk8ZWPMQb9zQwr7WcNe6BD59ADEkVayHXVyfFYwaQQFK4f_umFyGMJ7NFJAD2noenHIAjpgDZNLg2vSiU8KTH
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
pagead2.googlesyndication.com/bg/ Frame 8AE3
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 11:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
126649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14572
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Jul 2024 11:40:36 GMT
JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
pagead2.googlesyndication.com/bg/ Frame 4C62
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 11:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
126650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14572
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Jul 2024 11:40:36 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E183
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZlECrOhqjsyxciPM4rz4uZqfAGZmCgSQR7yFkWipjdI1PW4YNSkg4PN6z6aWmy4wzWzzowwiv20dEBYXEG4FDFEmySa7mGmosy-mWMcub2-Z5QQkGpYwhMuSS1DIP6GYVMId0rwp6vunx&sai=AMfl-YTGwEcEhoWr3P2PqFUYsdbn2gQeqTHAQ1TLSbOk_R74_v6GmE3He7fAkvJ32Lzp0I6FTrtrF425GrU7&sig=Cg0ArKJSzL4qcbsW6aKqEAE&cid=CAQSGwBpAlJW-kw_mC-yGQ0bPaks-1JyHyfIGRLQmxgB&id=lidar2&mcvt=1023&p=0,0,280,970&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20230710&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4082077109&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689115884196&rpt=845&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 276C
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1534583&asId=2dffbaa2-f741-71db-eb2d-2a6ebf9195ae&tv=%7Bc:i6nEtE,time:590,type:e,im:%7Bimprf:%7Bttecl:717,ecd:140,tsecr:66%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:217,o:373,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B143~0%5D,as:%5B143~160.600%5D%7D%7D,%7Bsl:i,t:373,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B217~100%5D,as:%5B217~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJKe7jy+111%7C112%7C113%7C114%7C115%7C116%7C117%7C118%7C119%7C11a1%7C11b11%7C11c1%7C11d1%7C11d2%7C11e1%7C11e2%7C11e3%7C11e41%7C11f1%7C11f2%7C11g*.1534583-72389193%7C11g1%7C11g2%7C11g3%7C11g4%7C11h%7C11i1%7C11j,idMap:11g*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:252,sis:459%7D&br=c
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:137e:246c:f226:35e4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5ADD
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO7bb7dytZP_2BsHB9u8Pys6SkAwAAAAAOAHgBAI&bg=!fH-lfyvNAAb90kgr3dI7ADkAdvg8WodU_3GZkQN3sWuAY5fFmKxtrtcQmWPNquLRDOyvdkYF13Xoa-t_tv6_ZE73eVBnei1Iz4QCAAABFFIAAAAFaAEHCgBWdvZ4QOrKfJ2rBhh2Ol1aNxrXJsGOXPeKRiomEY7u-TFlVOfzHjYjdIHw8EVapwzBwEvYx3IcYQSPLLU5hjJcHjNgXglF0amU0fo-I3uPxwMogcU3ySCZAy86zbddXkJ7BSflX8pdf1PckJu4YJ9dBDifrrWbkY9jFF70F70ziL_Yeqd0YaF5K36kZpq4wmdZmrMJeQl0Dxmkk9Den6a1yortiUHcR_aA4729-2sx_RdRCY0HQacBzZZ08rjPsFhd9KoBZ0zCPFH6Qla-dIMQfg876-EBXlONdivKJ9Vn6fL1hLIwY-bbCaxty7wHg4B6oJ1KQloE-BHWe3Uv-ccyEDAB-xu1x1BdzcPW0faY-u3zM4VbdJkaFfN863SuUxobG_TlyS_Gexiy3FzRR2iGhNan1_mv_Ji_0b5GHpumabzwd0R-avcdnREXVgAm8ro_t2kuoSbXMbgsG84Sd1zUE7K8TijEKWVzlF2FRy-OA0ucA6Blc03rAZAumO1bIxcs42-MXUIJTUgAxojc2FDhsKBRzO4ldKOF-VcXWb_rjjZH5NrqkWaLNc_5jIEdUrGXbWkZ5jONSe15Hs2ZJ6SJSEUZYoD9E1GoPXkpQryv0qYgQzntrSLw1EzE1_DI-bJX3l-sHm2gz6q_O5Baz2OF8wQeJ1rWalhbDUFgnbXFi3eHxtzDxJ-gWVFo1fvvXc2pGhKlY0aq-VrY_fCr8duBZOiBHeHpxyoRkPzaqCqLBNEGNgNoOrV5fXhyapSZrhD6ZsHcCjB5s-Aze2INp9AH5TuRgBK7yeJojIYcO6BbSv0s-Du1iSWZ3CpuZFDgneY68JF9bcBnxQhn0Lx8bXx2U4Hvp1KmGQTyQTzJlmoRYUBNUBbE2DUSzm8zz0Kx7ao_VpvHFfDuZjLlNLf11U_sOv4XtiARA4v0SQlls8mVZJWhCKyFaWqdn1ihmna54sR39jblBNBvEUan68odR1BqvjOj6-wofKs7vg9fP0uHwgyLKEHfLa7jOTuCvnTq0xTUBTmkuKW2pxBRNTGj8iZ4yRAVNUp2PoEVWYvTO2kyqFHOlvgtz9Y6hOdqITTaQ1YUXnvfdOy5_WYXn615tRK2oecbGYHTFngvGk0jC71h2Hm0L4leCAmS2P8vLCv6siSR4IvQmr0tbiqVxiRNNNmVXEe7Qk37p1Sa0dLsaZfQgDwtkeUD5VDRTw
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C278
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ljyvzi8h&c=7596939883806&slotId=3798469941903&qqid=CNyVi4Lfh4ADFdSh_QcdgVECqQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=988&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.r5&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 276C
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1534583&asId=2dffbaa2-f741-71db-eb2d-2a6ebf9195ae&tv=%7Bc:i6nEvq,pingTime:-10,time:700,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1689115886244%7C%7Cd43fb5355064665bba67eed6ba6a28b0%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Ca5d9c9ea5d772d00e5233e398745cfb3%7C%7C57f0e490bc97099223143a8785c6ee14%7C%7C5f84d895ee31aa227ab9508e340e7242%7C%7C4e18099fd29c509b11446147fcf54620%7C%7Cd806df2e20c1b595893c491bfe666d5a%7C%7C1663701684%7D
Requested by
Host: 2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
URL: https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:137e:246c:f226:35e4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
visual.jpg
s0.2mdn.net/sadbundle/12339641061559367785/img/ Frame 9B2A
32 KB
32 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/12339641061559367785/img/visual.jpg
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c881e61f8152dfbd87f6db22ca3d8252455b569c6f72bdad8f5da96dad0ef74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12339641061559367785/index.html?e=69&leftOffset=0&topOffset=0&c=rlPKL8Z2GL&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 16:13:43 GMT
x-content-type-options
nosniff
age
23863
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32368
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 16:13:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 63EC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTga0sVoiULS3-qSQMCluFgRjzHr4B3O_PUPCtzAKhk-kR-GItNZ15W2uZQZEb8uQQOYrZIW5kIK9_Ya0uWkj5R8ZIcJYKodOMT5YcOfuKaPEXt0FJn6pcc86QMgCvUA1Ty93yLFy03hNp&sai=AMfl-YSJs3YNdTFp8ZSyRK3bFACKW7pZ2hDhPfkTgO6liuQt77Dz-QGhmvfpnTy3g89NiRmILfY4UywNVllihAYBfudBhPCGPcVZG7sXfswkFLYCznA3MogSgBTtuXI&sig=Cg0ArKJSzFFRr8ebMQTXEAE&cid=CAQSOwBpAlJWGRlRduoLJVDvI4dLCYM0Y0A0xIwDcjzBBK2YD1ZZ6FAmZwORfTb9VycXaVd73wiB1VrZvVq0GAE&id=lidar2&mcvt=1000&p=0,119,40,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230710&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4169634498&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689115884701&rpt=475&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 276C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdYxc4zv4q36KAYqfy1N8EZKVRZUV91077Pl_f84tpWGMCxjub4Z4462bm13AVRlRNG-U097ARxp2Tb5ZSHSTU5xJ9T0IUhtkQUNbsqLxq4_jNBD2kvnhsQYnOQ44IHlbMJZRqwnMG8Ua2&sai=AMfl-YT69JczceR_sdRn8xnFilmH9Y209SHFFmVlHNtc8rnDXFoQZrkMsk7BXO8XV-xY9gw0mdo7006ir7HWq7DOKc4_NDxZ6dcFUcBsddtQW-ckXbqoiyMcBXF67fE&sig=Cg0ArKJSzHidHQnk3Ds4EAE&cid=CAQSOwBpAlJWKh_fXRSFD5g-_YJZ7oJXXOcHMpqMvAOjHg--R5qDyuKe1cNiqLHkSkgPiKHaKHXVffOVxdEyGAE&id=lidar2&mcvt=1000&p=0,119,40,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230710&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1855900369&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689115884826&rpt=518&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 63EC
0
22 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2753371522020&version=m202306200101&ct=76&x=1&cor=1892159041868644400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 22:51:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5e2588d56f82ad050a013c2a
ng2.virgul.com/tck/imp/ Frame 82A3
0
222 B
Image
General
Full URL
https://ng2.virgul.com/tck/imp/5e2588d56f82ad050a013c2a?g=1&t=dfpcode&r=153204@site_geneli@nefisyemektarifleri:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgpnyt%3D1%26video%3D1%26rec%3Dbakliyat-yemekleri%26rec_ing%3Ddomates+sal%C3%A7as%C4%B1%40karabiber%40kuru+so%C4%9Fan%40nohut%40pul+biber%40s%C4%B1v%C4%B1+ya%C4%9F%40sivri+biber%40su%40tuz%26nyt_cat%3Dpost&info=&mt=1689115883758&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://www.nefisyemektarifleri.com
date
Tue, 11 Jul 2023 22:51:26 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
print.css
mn.nytcdn.com/wp-content/themes/nytheme/ Frame 82A3
1 KB
1021 B
Stylesheet
General
Full URL
https://mn.nytcdn.com/wp-content/themes/nytheme/print.css?1680961699
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d8199865dfcfbad460b752d8a5ce4b85dfdf3f46d2d1bc3ef1715909caed5e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2878
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 24 Mar 2022 06:41:39 GMT
server
cloudflare
etag
W/"623c12a3-58e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQu1jHuH0cwicr%2FZt2XF9Wi%2BKyP%2BvozL1jWLhmtf0bahtObg0QH2S7LEtIbyfW0c6MxspNaw6BKKYD298vxixBlFjDrZR95Nzq9vDsfWmsJur8%2FdiH3oNMErctFpXSsDIqw1wyCSGGBsB7Wf"}],"group":"cf-nel","max_age":604800}
x-varnish
908092582 908289460
content-type
text/css
access-control-allow-origin
*
x-abc
s3
cache-control
max-age=14400
cf-ray
7e549c750f2490d6-FRA
x-nyt-cache
hit cached
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame 82A3
7 KB
3 KB
Script
General
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19549
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:26 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 18 Jul 2023 22:51:26 GMT
wp-emoji-release.min.js
mn.nytcdn.com/wp-includes/js/ Frame 82A3
18 KB
5 KB
Script
General
Full URL
https://mn.nytcdn.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: www.nefisyemektarifleri.com
URL: https://www.nefisyemektarifleri.com/etsiz-nohut-yemegi-248941/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5843
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 13:12:05 GMT
server
cloudflare
etag
W/"64662425-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZUa9QKM5LADbyWSqYNdoGXnBQKf%2Fa9itPUEEAIIzGNxvyTwcBuBWeoosb7CkEEG0y%2F9i9GND1i9cj1bkA0ohvkoyihU2KP%2FQ05%2FjrBcxlSvqRVVHk9%2FUrYBv83Ufyv3yV1u1noJM3I3R7sp"}],"group":"cf-nel","max_age":604800}
x-varnish
102338829 101907530
content-type
application/javascript
access-control-allow-origin
*
x-abc
s3
cache-control
max-age=14400
cf-ray
7e549c751f2c90d6-FRA
x-nyt-cache
hit cached
sodar
pagead2.googlesyndication.com/getconfig/ Frame 82A3
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1195a2e0e487e8151d66029c2cb2c54d0872fb6020d7d6bb43058cab35b995be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11700
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 276C
0
0

dt
dt.adsafeprotected.com/ Frame 276C
0
0

sodar2.js
tpc.googlesyndication.com/sodar/ Frame 82A3
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 22:51:26 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 82A3
345 KB
119 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19549
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbcb528af7c43cf9a3bad6ba2c2539e89722848b62ea05d11be29ea1949eafd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121723
x-xss-protection
0
expires
Tue, 11 Jul 2023 22:51:26 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame 82A3
30 KB
0
Script
General
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nefisyemektarifleri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:51:27 GMT
content-encoding
gzip
last-modified
Mon, 29 May 2023 18:51:56 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 18 Jul 2023 22:51:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF36
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
32851
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 13:43:56 GMT
expires
Wed, 10 Jul 2024 13:43:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F55F
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-khD8rIWLlbbwQ02mi6q4ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nefisyemektarifleri.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-khD8rIWLlbbwQ02mi6q4ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 22:51:27 GMT
expires
Tue, 11 Jul 2023 22:51:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
64072230e4b01f2c7579523a
ng.virgul.com/tck/i_vb2/ Frame 82A3
0
0

5e2588ae6f82ad050a013a58
ng.virgul.com/tck/i_vb2/ Frame 82A3
0
0

5e2588ae6f82ad050a013a56
ng.virgul.com/tck/i_vb2/ Frame 82A3
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1534583&asId=2dffbaa2-f741-71db-eb2d-2a6ebf9195ae&tv=%7Bc:i6nEGi,pingTime:1,time:1374,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:251%7D,%7Bpiv:100,vs:i,r:,t:373%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:373,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B143~0%5D,as:%5B143~160.600%5D%7D%7D,%7Bsl:i,t:373,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:tJKe7jy+111%7C112%7C113%7C114%7C115%7C116%7C117%7C118%7C119%7C11a1%7C11b11%7C11c1%7C11d1%7C11d2%7C11e1%7C11e2%7C11e3%7C11e41%7C11f1%7C11f2%7C11g*.1534583-72389193%7C11g1%7C11g2%7C11g3%7C11g4%7C11h%7C11i1%7C11j,idMap:11g*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:252,sis:459%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1534583&asId=2dffbaa2-f741-71db-eb2d-2a6ebf9195ae&tv=%7Bc:i6nEGj,pingTime:1,time:1375,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:251%7D,%7Bpiv:100,vs:i,r:,t:373%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:373,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B143~0%5D,as:%5B143~160.600%5D%7D%7D,%7Bsl:i,t:373,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:tJKe7jy+111%7C112%7C113%7C114%7C115%7C116%7C117%7C118%7C119%7C11a1%7C11b11%7C11c1%7C11d1%7C11d2%7C11e1%7C11e2%7C11e3%7C11e41%7C11f1%7C11f2%7C11g*.1534583-72389193%7C11g1%7C11g2%7C11g3%7C11g4%7C11h%7C11i1%7C11j,idMap:11g*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:252,sis:459,metricId:grpm1,cmr:t%7D&br=c
Domain
ng.virgul.com
URL
https://ng.virgul.com/tck/i_vb2/64072230e4b01f2c7579523a?l=&r=153183@site_geneli@nefisyemektarifleri:site_geneli&cs=1689115887024&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a
Domain
ng.virgul.com
URL
https://ng.virgul.com/tck/i_vb2/5e2588ae6f82ad050a013a58?l=&r=153184@site_geneli@nefisyemektarifleri:site_geneli&cs=1689115887024&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a
Domain
ng.virgul.com
URL
https://ng.virgul.com/tck/i_vb2/5e2588ae6f82ad050a013a56?l=&r=153185@site_geneli@nefisyemektarifleri:site_geneli&cs=1689115887025&userId=vnetb9cf87df-44c8-4da2-82a0-503c8f3b7d9a

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

37 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlkTeqy770ERCMyWbtQwr0xsK-IEQLy-SUUbKXQ7R4nlOoO1Sqa09RKANpTxbY
.hspvst.com/ Name: VI2677
Value: %7B%22time%22%3A1689115884%2C%22utid%22%3A%2260e44280cb21f65c6c1bc3d976d41f52%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/ Name: VIP2677
Value: 1
.casalemedia.com/ Name: CMID
Value: ZK3c7JItjehVWzs..FW3SAAA
.casalemedia.com/ Name: CMPS
Value: 5189
.casalemedia.com/ Name: CMPRO
Value: 5189
.adnxs.com/ Name: uuid2
Value: 4942359044130192309
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?htAMue!]tbPl1M>e)ZlrFUfJ+tGXxp6DH$-BLzTC_ZSP*nKhNR(V]<QFOyzL9lV$6?3If)y3KL9D3I?--4Hfl/
.doubleclick.net/ Name: APC
Value: Aa3gxNohZd2W-GUNMG7bOqnqmXedaaPo0gYophpTvrzMjxyUiiGQbQ
.ctnsnet.com/ Name: cid_e1081226f2df400eb183218c88eb4371
Value: 1
.ctnsnet.com/ Name: gid_CAESECJsILMId5rW8dsgw4L83jg
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7254697485232896151
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.w55c.net/ Name: wfivefivec
Value: rNYocAs91QjmcB5
.3lift.com/ Name: tluid
Value: 3550178145837086847089
.quantserve.com/ Name: d
Value: EAkBCQG4KYEA
.quantserve.com/ Name: mc
Value: 64addced-473bb-4ad87-16ecd
.360yield.com/ Name: tuuid
Value: 746309d7-c000-431b-a674-28c9cc3308a5
.360yield.com/ Name: tuuid_lu
Value: 1689115885
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 47B75459-AF9F-44CA-A79E-5EEC542CB33C
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d31a465d-2612-4819-880a-62be39e763be-003%22%7D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: sp
Value: CgsI2WUSBgjtubelBg==
.bidswitch.net/ Name: tuuid
Value: 2c904e7c-1719-4cc0-a134-5aa114d71e23
.bidswitch.net/ Name: c
Value: 1689115885
.bidswitch.net/ Name: tuuid_lu
Value: 1689115885
.simpli.fi/ Name: suid
Value: EA2ED22C10FA4FF8BBD9D899C80FC3DE
.mathtag.com/ Name: mt_mop
Value: 4:1689115886
.adform.net/ Name: uid
Value: 1193591822016332957
.de17a.com/ Name: guid
Value: 1.8562915577072696682
.yahoo.com/ Name: A3
Value: d=AQABBO3crWQCENDUAMtLJW-u2zHzf2IcRf4FEgEBAQEur2S3ZAAAAAAA_eMAAA&S=AQAAAmwPo4Jn2KwbClMKuruQyxU
m.exactag.com/ Name: exactag_new_gk
Value: 98227831e3b84c008032fbc21f7d1b65%7C09.09.2023%2022%3A51%3A25
m.exactag.com/ Name: exactag_new_uk
Value: 98b7a8a8eb0341ba8f5ac7ae90fc3ca1%7C
m.exactag.com/ Name: session_session
Value: fa645cabfb17487db5af3774
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d31a465d-2612-4819-880a-62be39e763be-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aWnseFujieEo7YxU36h42cjZdMcSUdXOGDV5bZbVYajLkhFTOZdppwFt2ZcxhYaAwpTFXW2AJg1a52P3aA9S3rWt

2 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689115883954&bpp=4&bdt=683&idt=219&shv=r20230710&mjsv=m202306290101&ptt=9&saldr=aa&nras=1&correlator=3311523031480&frm=24&ife=1&pv=2&ga_vid=1596421245.1689115884&ga_sid=1689115884&ga_hid=71987472&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1843544316&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075758%2C31075881%2C44788442%2C21065724&oid=2&pvsid=413980555089297&tmod=845280809&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.i0yur3un8s5j&fsb=1&dtd=232
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2c2d8e643e1d178926aa1c2ea8e50a45.safeframe.googlesyndication.com
a.tribalfusion.com
aax.amazon-adsystem.com
ads.w55c.net
adservice.google.com
ampcid.google.com
ampcid.google.de
bid.g.doubleclick.net
bitbeat7.com
c.amazon-adsystem.com
c.nefisyemektarifleri.com
c1.adform.net
c1.imgiz.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
cti.w55c.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.nefisyemektarifleri.com
i.w55c.net
i2.nefisyemektarifleri.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
istr-n23.nktcdn.com
istr.izlesene.com
logger.virgul.com
m.exactag.com
match.360yield.com
mn.nytcdn.com
ng.virgul.com
ng2.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
panel.izlesene.com
pcloak.blob.core.windows.net
pghub.io
pixel.rubiconproject.com
placehold.jp
pr-bh.ybp.yahoo.com
r1---sn-4g5ednss.c.2mdn.net
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.virgul.com
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.hspvst.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
www.cloakan.co
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nefisyemektarifleri.com
x.bidswitch.net
dt.adsafeprotected.com
ng.virgul.com
108.138.37.209
13.248.245.213
142.250.13.154
142.250.185.130
154.58.197.185
160.16.238.49
172.217.18.2
178.250.1.9
18.173.159.32
18.192.77.207
18.203.168.4
185.29.132.245
185.7.176.221
185.7.176.222
185.7.176.223
185.7.176.4
185.80.39.216
185.86.139.102
185.89.210.90
198.47.127.19
20.60.220.36
2001:4860:4802:32::3
213.155.156.168
213.202.235.9
23.192.153.28
2600:1f13:800:7781:137e:246c:f226:35e4
2600:9000:20c3:bc00:3:4706:a6c0:93a1
2600:9000:26da:1800:1b:f040:3600:93a1
2600:9000:26da:fe00:8:48e:53c0:93a1
2606:4700:10::6814:e66f
2606:4700::6812:18ad
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:6b::6
2a00:1450:4001:800::2002
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:827::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3601:40e6:3444:17d5:43eb
2a06:98c1:3120::3
3.75.62.37
31.3.2.72
34.102.243.38
34.248.62.209
35.186.193.173
35.204.74.118
35.227.252.103
35.241.45.217
37.157.6.237
46.228.174.117
51.89.9.252
52.212.148.89
69.173.144.165
77.245.159.14
85.114.159.93
99.84.88.66
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
01809882be6214883d2ace81489261074e4f535c00b81fef0a8e740a62bbdc21
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08530601e844dcb94572748ea68fbf5b050c163d578ed8a20c2891e6c64fc064
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba9d330b78f248ea27a859a13a86a8d65e737a6f79f1370f0a52cb7a06e292a
0d6a32dfb02fde613154a6937354aced12a0180e4c1fe6dec9e2cf4073b723bd
0fd0e821ef47075614e9500f81f2077fef9be630b5a63bd40a10b7922026aed7
1150d8dd179e6cfc48aba67d1c483f57bc897e4bfb20aa1603366b666c9e0adf
1195a2e0e487e8151d66029c2cb2c54d0872fb6020d7d6bb43058cab35b995be
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
175c106d387520c55fa4e30c138847d3da86b2ab8f70f2a3168801fc48b0e5f0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34
19876dc14b687dbd36c0a9fe05bc73a9ddfc34da771137be8d2ed93ab2585644
1a756bda29a09d6fb12756106e90cfc9a068244c340f128b19207109d706014b
1ad5747edeb5f3e7d0a61b217844a817c7c1d48f0fecdec3d20580230f40c339
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f8d3780b783aec3093ff0950023e2f3da6ba5ff68297dd00b9c9ff0bdcdbda7
201cf00ac07e77740f495f99ec55a485cab9215bf093f0139e731bc5d7595082
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c0b4cb7dced20c65ea2309b62a78e048f299549d8084e4eeadad4efdf1766a9
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2ef84904ec7747868537822254d1191370aabad9d95ac86536390eb827fc0908
3117435f29e0de48ea6ed19bbe21500a39ac0901bb4962f6b65a938162f54b8f
312ea37c961106b2df0601ca18d37f89c74ec7b28932d79c012c0864169a11ed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31fcf70b02f21d93a4b8d8fd817c7e0eff63c12c3665098f44a342f5bffe9a96
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ee695fc5354fb6448cbc5453ec1d15f01c7d5f74539da5f93126188b9fda22
33db53c59f86658a2a1c5a8515a4332b2837162b2ec8c13af379f32f122ea18b
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
354a25f44878b2935ae4bb47c8c285c749b3d439526c270e69a0404d01050399
38312b284a104dfa32e4ecfe73f542a66e04fb259e9bcd5e581e45bdeb677487
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3b9166033e13e81c852194510ca321d03a0f3e0f8196cc84858c874a32a0adf4
3be09dc0c3a62f0a8397706bf1d6fc53d4dbcadf38863aaf6b87ceb0f1eb3d18
3c881e61f8152dfbd87f6db22ca3d8252455b569c6f72bdad8f5da96dad0ef74
3da90bde27fee4f5ade69c8712a93955fa6f00fe97577a7f26a0496b9d51b121
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2a26d864ec17d1dddb16b99a884abfb77c315ee0c49522de958b06c0c3ee6d
435205911189c1d7f16109a127f2dc4f3c0dbab6d8d226088216bd5c6c3ef9ab
4621960c2ce01b405da6b6652f322bd8904f3e0d867daf7db9dd5d5ad6cc6491
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47d8199865dfcfbad460b752d8a5ce4b85dfdf3f46d2d1bc3ef1715909caed5e
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4b7d8e9e3fcf576554fb627441842f75490a7ad42fb89bbc00aed6e9c208d189
4cd8527ea46e45c657ae0a65f4b2cef4e3fd6a5acd68f436a6ceaf7ad12eebed
4cdcad98da3ff05ec728754dabdeaeaf5031bb1530f8cc418c820581e97b26f4
4d79af9825f1664a8d0a014d047a1b0c98e89648edd655de1f66143c9bbba534
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53ee5ad93dc23224b5d9ec613e93e7e006bdbea82e880c02be4e948a297edb57
53fe8422ed4742589fa5494ec2615bc58525c89a62a54755f77778dd8661630f
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
64bba7358df0b70cff3572ee3e5a2eee51ae741c86167cd529bc7af0e15682a6
66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2
6fac11484c63257da7052d00d2d2f8dffd6c68b748a1bf83027684514edad4c3
7031af00729209abd53f8e19a20c8b5970439a80d48990de31c8685ffe564fbd
70b9f9cb8f1feda701490e7fa560a0a2e0309ef259f9d74b301c9712e56efa56
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7876391f25f26ccf3297d78d34a1922dcc16c54fcaa51e8622e90bbc6fc96e80
79c277fbe5ccce5c88a681d39733fba8d6c31f1812f8952ec3a5e35b2b0beab4
79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3
7a275065d1843e7068685f13f7a0374b5a2756e41293faaaedc5cfa360014824
7b6ad08a66b7925e557e069b9c9fcab676f04fbc22535b7b12c0d8eca8d48803
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7ef7148f577d4b8db5481c0c82ec42fc53e2b2d3c7f83b2662977759f58477ea
82ee1e40c5621a84f4cd861d9d7212c7bb94ffde5bdf1bc8cb1f4e32dff9c4e0
831c363d3e741b5551ee5bea6d427cdefb6303d735ff547ebcc7a1a5ffccff99
886a2ff3ff2a76e50d8387582d03539c71d06dbd4314cd8cc955ea08b5cf752f
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b279f62d8ab632481b6d6fda4c49c8b9ee7fd77988c13e4b8baa7007d37b10c
9ddc6600d27eef589fc81f168ebaed0fd98c2afd3004935b3f75bb7ccd9aa688
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2c2dc02f807ed24b4676773299c7934e0e1b746bb37b41a088902abecfdcb34
a2ff6717bd218c66ffde415472bdaf58a1384725840a862a466317727eaaab1b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a774d6d69744d8d30c9c2e5139e5bc2dc55ebe47d5adc0c2a77d9ddebaae6370
a883e74d2f7c31294beaf47eb691d0fa07414cc3ef857e53b768960c94f23a31
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
add347e23d6d68d50f456f663e081078bf03026f868ca4aa31e6b0f8f5354e01
aeac4ebed11cf054b58fc877bbde0d561e61c2cc80f7ed01df60fa884c0dd13d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29ef90ab1c7c70fc47d2d1806b5526c84d81a4053c41789fd0bd7842018038c
b3944f49dff08c01aaa04c97cecc55aafe381b05c7af1a8728725458e066c46f
b445986c019347798ad617e4f430afca3618c8284e21bb0af67e57c349610fb8
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bac1442ad76b8ed33d4a4a61e05f8ea6284a31f65ca1fa9cb2a7ba8cb0c93c5b
bc63e14bc579599e80c325c723a80ade67a77f614e1376c769a44d1f43d7f840
bd4d8b7f56b06140ad3542041b66f635d9cbd4e0da6cc7d17a0e16d014aa2498
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
c37e721a803d1e37439533716bd2ae47c0369fe38a511b0eff753fcbd11ed973
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c7992f89295dc516db9548282b34c7b6e8cfa345ce86f1ed4a6420389bd77bb0
c80365b3d61748da70094a8ea95488ae260e3f6051d830f590a54b82cf795141
c8da45626edae55c76cee4eaf4867a8301ca7980ade6751502f20bbf0b27a22f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbcb528af7c43cf9a3bad6ba2c2539e89722848b62ea05d11be29ea1949eafd5
cde2d86c6323204b3e715d09b58ab41ecf370b5a10cb1d61fa76b77e0a0a75c0
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d076633408bf78e086b9125a46176d2fdeaf3a5d5b52bb9b3a9d562cea646006
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d22d46c8634370ea3db9cef192614da0f698628dd8625fda01ee205d74c2cddb
d3002e63c4d3d76bb53d4618f047d2c0a50b692602ea8d6f19ef19bd1dfade34
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decfbe8c158a2cba02ca73b8bdf79f27b58757217a01cf6a492feb29d25d9458
e0757fc98355b7ff4d0bdc506c1ef2aa69aac074686194c2e7690ffdc913035a
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
ec71b67d2791201d5d8b71b62df5b5d299636fe9d721a818d4712139dd19d63b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6da869b814fa204f7109593d8e47387126a282befa031432539fbae24e81cd3
f86c74a7863cd1fa2343f0371ccbac47085bdb301f0df1785c5a4337bd044d24
f91e084516b5705858547aee3a7d3659a15c5af7fe56cb0c604d96838b4de112
fed4ec348a9d1021f19419fe3ffee35e4aaca192ba7cb78571f5222265f0437d
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884